www.signin.username-id-view.718271.shop Open in urlscan Pro
194.33.40.58 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.signin.username-id-view.718271.shop/
Submission: On November 02 via automatic, source certstream-suspicious (November 2nd 2020, 3:56:58 pm UTC)

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 194.33.40.58, located in Chisinau, Moldova and belongs to AMPLICA, MD. The main domain is www.signin.username-id-view.718271.shop.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 2nd 2020. Valid for: 3 months.

This is the only time www.signin.username-id-view.718271.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
2	194.33.40.58 194.33.40.58	206698 (AMPLICA) (AMPLICA)
1	54.192.206.32 54.192.206.32	16509 (AMAZON-02) (AMAZON-02)
7	2.21.38.12 2.21.38.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	13.226.132.67 13.226.132.67	16509 (AMAZON-02) (AMAZON-02)
2	34.197.14.79 34.197.14.79	14618 (AMAZON-AES) (AMAZON-AES)
1	54.91.24.155 54.91.24.155	14618 (AMAZON-AES) (AMAZON-AES)
5	18.213.255.128 18.213.255.128	14618 (AMAZON-AES) (AMAZON-AES)
21	8

2 194.33.40.58 (Chisinau, Moldova)

ASN206698 (AMPLICA, MD)
PTR: web4.amplica.net

www.signin.username-id-view.718271.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.206.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-206-32.ham50.r.cloudfront.net

adf0901f1861.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.38.12 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-38-12.deploy.static.akamaitechnologies.com

ir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.132.67 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-67.dus51.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.14.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-14-79.compute-1.amazonaws.com

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.24.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-24-155.compute-1.amazonaws.com

fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.213.255.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-255-128.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	forter.com 1 redirects adf0901f1861.cdn4.forter.com cdn9.forter.com cdn3.forter.com fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com cdn0.forter.com	58 KB
7	ebaystatic.com ir.ebaystatic.com	73 KB
2	718271.shop www.signin.username-id-view.718271.shop	3 KB
21	3

	Domain	Requested by
7	ir.ebaystatic.com	www.signin.username-id-view.718271.shop ir.ebaystatic.com
5	cdn0.forter.com	adf0901f1861.cdn4.forter.com
2	cdn3.forter.com	adf0901f1861.cdn4.forter.com
2	cdn9.forter.com	1 redirects
2	www.signin.username-id-view.718271.shop	www.signin.username-id-view.718271.shop
1	fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com	adf0901f1861.cdn4.forter.com
1	adf0901f1861.cdn4.forter.com	www.signin.username-id-view.718271.shop
21	7

This site contains no links.

Subject Issuer	Validity	Valid
signin.username-id-view.718271.shop Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
*.cdn4.forter.com DigiCert SHA2 Secure Server CA	`2020-09-20` - `2020-11-29`	2 months	crt.sh
www.ebay.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-08-06`	a year	crt.sh
cdn9.forter.com Amazon	`2020-05-27` - `2021-06-27`	a year	crt.sh
cdn3.forter.com DigiCert SHA2 Secure Server CA	`2019-03-24` - `2021-06-16`	2 years	crt.sh
*.cdn.forter.com DigiCert SHA2 Secure Server CA	`2020-09-18` - `2021-07-07`	10 months	crt.sh
cdn0.forter.com DigiCert SHA2 Secure Server CA	`2020-09-20` - `2021-06-13`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.signin.username-id-view.718271.shop/
Frame ID: 21B818FCE813F1352EB682164A256C78
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

8
IPs

3
Countries

134 kB
Transfer

302 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.signin.username-id-view.718271.shop/ 7 KB
3 KB 305ms
91ms Document
text/html 194.33.40.58
AMPLICA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signin.username-id-view.718271.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.33.40.58 Chisinau, Moldova, ASN206698 (AMPLICA, MD),
Reverse DNS: web4.amplica.net
Software: nginx /
Resource Hash: 6959429601a982f994b92298c1a9dd5009be8d941601163f38935651ee9b8051

Request headers

:method: GET
:authority: www.signin.username-id-view.718271.shop
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 02 Nov 2020 15:56:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=b1a93262b6da97e294734265f88d500a; path=/
content-encoding: gzip

GET
H2 200 script.js Show response
adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/ 147 KB
55 KB 171ms
70ms Script
application/javascript 54.192.206.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js

Requested by

Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.206.32 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-206-32.ham50.r.cloudfront.net

Software

Resource Hash

68fbd12d8185c9a5c91c1c45969143006741882d43e40ef0f76e4a292b2c5bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Origin: https://www.signin.username-id-view.718271.shop
Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 03:55:32 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 5486471
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Mon, 31 Aug 2020 03:55:32 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript; charset=utf-8
via: 1.1 dad44092e95c7e3e18abc391b2ada473.cloudfront.net (CloudFront)
cache-control: private, max-age=300
x-amz-cf-pop: HAM50-C3
timing-allow-origin: *
x-amz-cf-id: W0hOyEvEe7YCEo90zKY8XbzDNoxErkQiW-ZaeKQIaZJnt_alzjosxA==
expires: Mon, 31 Aug 2020 04:00:32 GMT

GET
H2 200 34wtddjp0q1v1dtu2elv5jwg4yf.css
ir.ebaystatic.com/rs/v/ 4 KB
2 KB 134ms
43ms Stylesheet
text/css 2.21.38.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ir.ebaystatic.com/rs/v/34wtddjp0q1v1dtu2elv5jwg4yf.css?proc=DU:N
Requested by: Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-12.deploy.static.akamaitechnologies.com
Software: ebay server /
Resource Hash: ddd6e288270268de6b427fb4760e0d1384fff8e72a643faa642d4f51203b0efe

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:56:43 GMT
content-encoding: gzip
x-cache-lookup: HIT from rnoincludecache-970415:80
status: 200
x-ebay-c-version: 1.0.0
content-length: 1724
pragma: no-cache
last-modified: Wed, 08 May 2019 00:47:47 GMT
server: ebay server
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
rlogid: t6q%60utuf%3C%3Dqkiufvuq%60%28%3F63176-16cc4877c4d-0xc3
x-ebay-request-id: 16cc4877-c4d0-ad31-91e5-b1b0ffe79429![
access-control-allow-headers: *
expires: Tue, 02 Nov 2021 15:56:43 GMT

GET
H2 200 signin-render-ZiemCn4H.css
ir.ebaystatic.com/rs/c/ 74 KB
13 KB 136ms
46ms Stylesheet
text/css 2.21.38.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
Requested by: Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-12.deploy.static.akamaitechnologies.com
Software: ebay server /
Resource Hash: eea65d451b778cad24f1eb8ed2c80baaa6fe6b135c33e06bd4f331644e7581f5

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:56:43 GMT
content-encoding: gzip
x-cache-lookup: HIT from include-cache-2:80
status: 200
x-ebay-c-version: 1.0.0
content-length: 12601
last-modified: Tue, 13 Oct 2020 21:27:23 GMT
server: ebay server
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
rlogid: t6q%60utuf%3C%3Dosuufvuq%60%28em5o3*w%60ut355%3F-1752a3f0a63-0xd8
access-control-allow-headers: *
expires: Tue, 02 Nov 2021 15:56:43 GMT

GET
H2 404 nkfytkqtoxtljvzb.js
www.signin.username-id-view.718271.shop/ 0
0 83ms
83ms Script
text/html 194.33.40.58
AMPLICA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signin.username-id-view.718271.shop/nkfytkqtoxtljvzb.js
Requested by: Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.33.40.58 Chisinau, Moldova, ASN206698 (AMPLICA, MD),
Reverse DNS: web4.amplica.net
Software: nginx /
Resource Hash

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
date: Mon, 02 Nov 2020 15:56:43 GMT
server: nginx
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H2 200 fxxj3ttftm5ltcqnto1o4baovyl.png
ir.ebaystatic.com/rs/v/ 5 KB
5 KB 133ms
45ms Image
image/png 2.21.38.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir.ebaystatic.com/rs/v/fxxj3ttftm5ltcqnto1o4baovyl.png
Requested by: Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-12.deploy.static.akamaitechnologies.com
Software: ebay server /
Resource Hash: 5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:56:43 GMT
x-cache-lookup: HIT from rnoincludecache-970418:80
status: 200
x-ebay-c-version: 1.0.0
content-length: 4820
last-modified: Wed, 29 Oct 2014 18:09:24 GMT
server: ebay server
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
rlogid: t6q%60utuf%3C%3Dosuufvuq%60%2856364%3E7-16a29803452-0xd6
x-ebay-request-id: 16a29803-4520-a866-c486-725fff04e1c7![]
access-control-allow-headers: *
warning: 113 rnoincludecache-970418 (squid) This cache hit is still fresh and more than 1 day old
expires: Tue, 02 Nov 2021 15:56:43 GMT

GET
DATA 200
OK truncated Show response
/ 0
0 Script
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

GET
H2 200 MarketSans-SemiBold-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/ 22 KB
22 KB 142ms
48ms Font
application/font-woff2 2.21.38.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-SemiBold-WebS.woff2

Requested by

Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-38-12.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

d1de97533f8c973f9eb1162098eee749715f058edb650efd69e9d6ac62b056b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.signin.username-id-view.718271.shop
Referer: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: MISS from rnoincludecache-970415:80
status: 200
content-length: 22468
x-xss-protection: 1; mode=block
server: ebay server
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
rlogid: t6q%60uebwh%3D9iptq%60uebwh*75621%3D4-171a5131512-0xc7
access-control-allow-headers: *
expires: Wed, 27 Oct 2021 07:18:16 GMT

GET
H2 200 sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png
ir.ebaystatic.com/rs/c/ 1 KB
2 KB 50ms
48ms Image
image/png 2.21.38.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir.ebaystatic.com/rs/c/sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png
Requested by: Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-12.deploy.static.akamaitechnologies.com
Software: ebay server /
Resource Hash: 53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf

Request headers

Referer: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:56:43 GMT
x-cache-lookup: HIT from lvsincludecache-2522846:80
status: 200
x-ebay-c-version: 1.0.0
content-length: 1201
last-modified: Tue, 24 Jul 2018 23:37:11 GMT
server: ebay server
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
rlogid: t6q%60utuf%3C%3Dosuufvuq%60%284%3F31516-166c7282978-0xb8
x-ebay-request-id: 166c7282-9780-aa66-84e0-84abffc26d44![]
access-control-allow-headers: *
warning: 113 lvsincludecache-2522846 (squid) This cache hit is still fresh and more than 1 day old
expires: Tue, 02 Nov 2021 15:56:43 GMT

GET
H2 200 sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png
ir.ebaystatic.com/rs/c/ 7 KB
7 KB 54ms
53ms Image
image/png 2.21.38.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ir.ebaystatic.com/rs/c/sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png
Requested by: Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-12.deploy.static.akamaitechnologies.com
Software: ebay server /
Resource Hash: 56fbf97dc6629d06d83590f3c759381dacd1f6dfcd0f8af956ca3ab15b10e699

Request headers

Referer: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:56:43 GMT
x-cache-lookup: HIT from lvsincludecache-2522846:80
status: 200
x-ebay-c-version: 1.0.0
content-length: 6886
last-modified: Tue, 18 Sep 2018 21:23:43 GMT
server: ebay server
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
rlogid: t6q%60utuf%3C%3Dosuufvuq%60%284245773-166c727fdf6-0xb9
x-ebay-request-id: 166c727f-df60-aa14-2882-0c76ff841291![]
access-control-allow-headers: *
warning: 113 lvsincludecache-2522846 (squid) This cache hit is still fresh and more than 1 day old
expires: Tue, 02 Nov 2021 15:56:43 GMT

GET
H2 200 MarketSans-Regular-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/ 22 KB
22 KB 162ms
76ms Font
application/font-woff2 2.21.38.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-Regular-WebS.woff2

Requested by

Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2.21.38.12 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-38-12.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

75dceb1952ced6dab35cf68d3b6bf2f3d2ee9dd7b799ef2b5efb39323d093cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.signin.username-id-view.718271.shop
Referer: https://ir.ebaystatic.com/rs/c/signin-render-ZiemCn4H.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: HIT from slcincludecache-3642931:80
status: 200
content-length: 22156
x-xss-protection: 1; mode=block
server: ebay server
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
rlogid: t6q%60uebwh%3D9vjdq%60uebwh*0400%3B40%29pqtfwpu%29pie%29fgg%7E-fij-171a7aa80b9-0xbb
access-control-allow-headers: *
expires: Wed, 27 Oct 2021 07:18:16 GMT

GET
BLOB 200
OK 70838565-0325-41dc-b723-acff57898fe5
https://www.signin.username-id-view.718271.shop/ 3 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.signin.username-id-view.718271.shop/70838565-0325-41dc-b723-acff57898fe5
Requested by: Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddc0e53a53a7f1a3717a228192f7b0215b0b1c383331551387c73e81f68de8e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 2584
Content-Type: application/javascript

GET
BLOB 200
OK 413d623e-db13-4501-b5eb-4fbd3cf27f40
https://www.signin.username-id-view.718271.shop/ 11 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.signin.username-id-view.718271.shop/413d623e-db13-4501-b5eb-4fbd3cf27f40
Requested by: Host: www.signin.username-id-view.718271.shop
URL: https://www.signin.username-id-view.718271.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 638b922afaf698954d85e00518fec3d3907c8fb405bfe6f4978ea49b24d9ffce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 11399
Content-Type: application/javascript

GET
H2

200

28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677

0
284 B

156ms
156ms

XHR
text/plain

13.226.132.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.67 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-67.dus51.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 02 Nov 2020 15:56:43 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
status: 200
timing-allow-origin: *
access-control-allow-origin: *
x-amz-cf-id: ufuhFF1-IJtbgIvAI-eWQlIWLb2vg8CO5mFF0jZ1cT-17wR9gAxfCA==

Redirect headers

date: Mon, 02 Nov 2020 15:56:43 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
status: 301
location: https://cdn9.forter.com/vchk2/v1/28ed58c86d4a2d783926ba1f18fb06bea1b2970a7c8e4f64eae5635ce9c3c746ac7f4bce671454e5dff04ad0a677
x-cache: Miss from cloudfront
access-control-allow-origin: *
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
x-amz-cf-id: z2G02THNy3mdEsEQuKQJOuopcr36ZGszvNGWtdh5tw93KzI_1RrJhw==

POST
H2 200 events
cdn3.forter.com/ 0
258 B 414ms
134ms Other
text/plain 34.197.14.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.14.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-14-79.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 02 Nov 2020 15:56:43 GMT
status: 200
vary: Origin
access-control-allow-origin: https://www.signin.username-id-view.718271.shop
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK prop.json
fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com/ 2 B
647 B 418ms
136ms Other
application/json 54.91.24.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com/prop.json
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.91.24.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-24-155.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 02 Nov 2020 15:56:43 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Mon, 02 Nov 2020 12:05:40 GMT
Server: Apache
ETag: "2-5b31e909f44e2"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.signin.username-id-view.718271.shop
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ 20 B
383 B 544ms
278ms XHR
application/json 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/prop.json?_=1604332604335
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Nov 2020 15:56:44 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.signin.username-id-view.718271.shop
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ 20 B
383 B 129ms
128ms XHR
application/json 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/prop.json?_=1604332604882
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Nov 2020 15:56:44 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.signin.username-id-view.718271.shop
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ 20 B
383 B 129ms
129ms XHR
application/json 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/prop.json?_=1604332605161
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Nov 2020 15:56:45 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.signin.username-id-view.718271.shop
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ 0
0 129ms
129ms Other 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/wpt.json
Protocol: HTTP/1.1
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.signin.username-id-view.718271.shop
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Content-Length: 0
Date: Mon, 02 Nov 2020 15:56:45 GMT
Connection: keep-alive

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/ 20 B
440 B 130ms
130ms XHR
application/json 18.213.255.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/adf0901f1861/fb2ca01342854e01a191b691b323f75b/wpt.json
Requested by: Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.255.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-255-128.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 02 Nov 2020 15:56:45 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.signin.username-id-view.718271.shop
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

POST
H2 200 events
cdn3.forter.com/ 0
257 B 147ms
146ms Other
text/plain 34.197.14.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host: adf0901f1861.cdn4.forter.com
URL: https://adf0901f1861.cdn4.forter.com/sn/adf0901f1861/sha256-aPvRLYGFyaXJHBxFlpFDAGdBiC1D5A7w925KKSssW%2Bo%3D/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.14.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-14-79.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.signin.username-id-view.718271.shop/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 02 Nov 2020 15:56:51 GMT
status: 200
vary: Origin
access-control-allow-origin: https://www.signin.username-id-view.718271.shop
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
timing-allow-origin: *
expires: -1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.signin.username-id-view.718271.shop/	1970-01-21 09:26:52	Name: ftr_ncd Value: 6
.signin.username-id-view.718271.shop/	1970-01-21 09:26:52	Name: forterToken Value: fb2ca01342854e01a191b691b323f75b___UDF43_
www.signin.username-id-view.718271.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: b1a93262b6da97e294734265f88d500a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adf0901f1861.cdn4.forter.com
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
fb2ca01342854e01a191b691b323f75b-adf0901f1861.cdn.forter.com
ir.ebaystatic.com
www.signin.username-id-view.718271.shop
13.226.132.67
18.213.255.128
194.33.40.58
2.21.38.12
34.197.14.79
54.192.206.32
54.91.24.155
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
56fbf97dc6629d06d83590f3c759381dacd1f6dfcd0f8af956ca3ab15b10e699
638b922afaf698954d85e00518fec3d3907c8fb405bfe6f4978ea49b24d9ffce
68fbd12d8185c9a5c91c1c45969143006741882d43e40ef0f76e4a292b2c5bea
6959429601a982f994b92298c1a9dd5009be8d941601163f38935651ee9b8051
75dceb1952ced6dab35cf68d3b6bf2f3d2ee9dd7b799ef2b5efb39323d093cc4
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
d1de97533f8c973f9eb1162098eee749715f058edb650efd69e9d6ac62b056b6
ddc0e53a53a7f1a3717a228192f7b0215b0b1c383331551387c73e81f68de8e6
ddd6e288270268de6b427fb4760e0d1384fff8e72a643faa642d4f51203b0efe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea65d451b778cad24f1eb8ed2c80baaa6fe6b135c33e06bd4f331644e7581f5

www.signin.username-id-view.718271.shop Open in urlscan Pro 194.33.40.58 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

0 %IPv6

3 Domains

7 Subdomains

8 IPs

3 Countries

134 kBTransfer

302 kBSize

3 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

3 Cookies

Indicators

www.signin.username-id-view.718271.shop Open in urlscan Pro
194.33.40.58 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

8
IPs

3
Countries

134 kB
Transfer

302 kB
Size

3
Cookies

21 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!