clantonenterprise.com
72.167.68.75  Malicious Activity! Public Scan

URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Submission: On May 28 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 72.167.68.75, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is clantonenterprise.com.
TLS certificate: Issued by R3 on April 30th 2024. Valid for: 3 months.
This is the only time clantonenterprise.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

Requests  IP Address     AS Autonomous System
2         72.167.68.75   26496 (AS-26496-...)
10        2.19.217.73    16625 (AKAMAI-AS)
1         2.19.217.174   16625 (AKAMAI-AS)
1         66.211.162.8   11643 (EBAY)
Total: 17 requests, 5 IPs
Requests  Apex Domain (Subdomains)                                   Transfer
11        ebaystatic.com                                             118 KB
            secureir.ebaystatic.com — Cisco Umbrella Rank: 8698
            gh.ebaystatic.com
            securepics.ebaystatic.com — Cisco Umbrella Rank: 32772
2         clantonenterprise.com                                      6 KB
            clantonenterprise.com
1         ebayrtm.com                                                459 B
            srv.main.ebayrtm.com — Cisco Umbrella Rank: 12268
0         ebay.com (Failed)
            pages.ebay.com (Failed)
            b.stats.ebay.com (Failed)
            k4i7hgexxlhwt1as.stats.ebay.com (Failed)
Total: 17 requests, 4 apex domains
Requests  Domain                                     Requested by
6         securepics.ebaystatic.com                  clantonenterprise.com, secureir.ebaystatic.com
4         secureir.ebaystatic.com                    clantonenterprise.com
2         clantonenterprise.com
1         srv.main.ebayrtm.com                       clantonenterprise.com
1         gh.ebaystatic.com                          clantonenterprise.com
0         k4i7hgexxlhwt1as.stats.ebay.com (Failed)   clantonenterprise.com
0         b.stats.ebay.com (Failed)                  clantonenterprise.com
0         pages.ebay.com (Failed)                    clantonenterprise.com
Total: 17 requests, 8 subdomains
Subject                                     Issuer                                                 Validity                  Valid
www.cordiallyinvited.to.joshuaclanton.com   R3                                                     2024-04-30 - 2024-07-29   3 months
www.ebay.com                                Sectigo RSA Organization Validation Secure Server CA   2023-08-02 - 2024-08-01   a year
adcmd.befr.ebay.be                          Sectigo RSA Organization Validation Secure Server CA   2024-03-28 - 2025-03-28   a year

This page contains 1 frame:

Primary Page: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Frame ID: 346CC4635EE626834A9F7E57820146FC
Requests: 17 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

17
Requests

82 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

5
IPs

2
Countries

125 kB
Transfer

270 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://gh.ebaystatic.com/header/js/light.min?combo=31&rvr=59 HTTP 0
  • http://pages.ebay.com/messages/page_not_found.html

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request eBayISAPI.php
clantonenterprise.com/eBayISAPI/
17 KB
6 KB
Document
General
Full URL
https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.68.75 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.68.167.72.host.secureserver.net
Software
Apache / PHP/7.3.33
Resource Hash
ae3197c8ecdba81e983eac1a437d7253c2a0e501eb47a4042c8b096e456da821

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-length
5727
content-type
text/html; charset=UTF-8
date
Tue, 28 May 2024 23:56:36 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
yj42dvrod253tpxfgkawgc4it.css
secureir.ebaystatic.com/v4css/z/qe/
18 KB
5 KB
Stylesheet
General
Full URL
https://secureir.ebaystatic.com/v4css/z/qe/yj42dvrod253tpxfgkawgc4it.css
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
45b8a6ae408ed4cf28f21c53db7144daec07b5ced46e3a268dacf6387478d9b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:37 GMT
content-encoding
br
x-cache-lookup
MISS from include-cache-0:8080
x-cdn
AKAMAI
strict-transport-security
max-age=31536000
akamai-grn
0.0c532217.1714813791.15322e55, 0.a7931102.1716940597.60c77d8
x-ebay-c-version
1.0.0
content-length
4102
last-modified
Sat, 04 May 2024 09:09:52 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dpieufvuq%60%280m1v2*w%60ut3522-18f42dded87-0xe9
x-ebay-request-id
18f42dde-d870-a2b5-5741-c827ff92c40e!v3resource.cview!slcressvc-6j2s4-tess0045.stratus.slc.ebay.com!r1ressvc[]
access-control-allow-headers
*
expires
Wed, 28 May 2025 23:56:37 GMT
1qqc345kge1utev0egp1or2oh.js
secureir.ebaystatic.com/v4js/z/m4/
102 KB
28 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/m4/1qqc345kge1utev0egp1or2oh.js
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
8407e73b7c371e038730227361124286d879520d5e6c5e301ce8c1545db58742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ebay-client-tls-version
TLSv1.2, 95.100.94.158
content-encoding
br
x-cache-lookup
MISS from include-cache-1:8080
x-cdn
AKAMAI
date
Tue, 28 May 2024 23:56:37 GMT
akamai-grn
0.8b431202.1713025132.40546cc, 0.a7931102.1716940597.60c77da
strict-transport-security
max-age=31536000
x-ebay-c-version
1.0.0
content-length
28230
last-modified
Sat, 13 Apr 2024 16:18:53 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%28v0w%7Fr*w%60ut3540-18ed8412902-0xe8
x-ebay-request-id
18ed8412-9020-ac73-0364-a03effeb54f4!v3resource.cview!lvsressvc-p7tzt-tess0027.stratus.lvs.ebay.com!r1ressvc[]
access-control-allow-headers
*
expires
Wed, 28 May 2025 23:56:37 GMT
341wgvdjgy2abb1qzf3cxflzf.js
secureir.ebaystatic.com/v4js/z/eu/
6 KB
2 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/eu/341wgvdjgy2abb1qzf3cxflzf.js
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
116f9313e1d61163990a6ac705181bbcf1ca01c93176f49fa502bf505dbac109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ebay-client-tls-version
TLSv1.2, 104.126.37.132
content-encoding
br
x-cache-lookup
MISS from include-cache-1:8080
x-cdn
AKAMAI
date
Tue, 28 May 2024 23:56:37 GMT
akamai-grn
0.44361060.1715617673.748d851a, 0.a7931102.1716940597.60c77d9
strict-transport-security
max-age=31536000
x-ebay-c-version
1.0.0
content-length
1873
last-modified
Mon, 13 May 2024 16:27:55 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%28%60vow%7E*w%60ut3530-18f72c8359e-0xea
x-ebay-request-id
18f72c83-59e0-a513-4651-c9f6fff4327b!v3resource.cview!lvsressvc-fqlrx-tess0057.stratus.lvs.ebay.com!r1ressvc[]
access-control-allow-headers
*
expires
Wed, 28 May 2025 23:56:37 GMT
all.min
gh.ebaystatic.com/header/css/
0
0
Stylesheet
General
Full URL
https://gh.ebaystatic.com/header/css/all.min?combo=31&rvr=34
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.174 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-174.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:37 GMT
strict-transport-security
max-age=31536000
x-cache-lookup
MISS from include-cache-3:8080
x-cdn
AKAMAI
akamai-grn
0.d4931102.1716940597.cff3b58
x-ebay-mesh-server-pod-ip
10.184.85.68
x-envoy-upstream-service-time
7
x-ebay-mesh-gw-name
istioingressgateway-production-lvsaz02-02
x-ebay-mesh-gw-upstream-duration
7
x-ebay-mesh-gw-duration
8
content-length
0
x-ebay-mesh-server-response-flag
-
server
ebay server
x-ebay-mesh-server-duration
2
x-ebay-mesh-gw-pod-name
istio-ingressgateway-02-77c6447777-xwlxb
cache-control
public, max-age=31536000, immutable
x-ebay-mesh-gw-pod-ip
10.81.228.175
x-ebay-mesh-server-start
2024-05-28T23:56:37.708Z
expires
Wed, 28 May 2025 23:56:37 GMT
s.gif
securepics.ebaystatic.com/aw/pics/
49 B
255 B
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/s.gif
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:37 GMT
strict-transport-security
max-age=31536000
x-cache-lookup
HIT from pics-cache-2:8080
last-modified
Tue, 14 Nov 2023 02:47:44 GMT
server
Apache
etag
"31-60a13cfaaa6ef"
content-type
image/gif
cache-control
max-age=798555
accept-ranges
bytes
content-length
49
expires
Fri, 07 Jun 2024 05:45:52 GMT
page_not_found.html
pages.ebay.com/messages/
Redirect Chain
  • https://gh.ebaystatic.com/header/js/light.min?combo=31&rvr=59
  • http://pages.ebay.com/messages/page_not_found.html
0
0

eBayISAPI.dll
b.stats.ebay.com/ws/
0
0

eBayISAPI.dll
k4i7hgexxlhwt1as.stats.ebay.com/ws/
0
0

imgEBPSignIn455x315.jpg
securepics.ebaystatic.com/aw/pics/buy/trust/
44 KB
44 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/buy/trust/imgEBPSignIn455x315.jpg
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1d17cc06314dcbe245ec6ef9adbbce2952775f591999c8a9c1300d6e16c9d887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:37 GMT
strict-transport-security
max-age=31536000
x-cache-lookup
HIT from pics-cache-1:8080
last-modified
Tue, 14 Nov 2023 02:38:32 GMT
server
Apache
etag
"b070-60a13aebd5c20"
content-type
image/jpeg
cache-control
max-age=3292190
accept-ranges
bytes
content-length
45168
expires
Sat, 06 Jul 2024 02:26:27 GMT
logoVeriSign_100x65.gif
securepics.ebaystatic.com/aw/pics/logos/
2 KB
2 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/logos/logoVeriSign_100x65.gif
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
80e06f41aef51aba092b9dd89d0441450c13b3d6e711272b493c0cbd1db9f42f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:37 GMT
strict-transport-security
max-age=31536000
x-cache-lookup
MISS from pics-cache-0:8080
last-modified
Tue, 14 Nov 2023 02:41:42 GMT
server
Apache
etag
"72b-60a13ba10f0cd"
content-type
image/gif
cache-control
max-age=2957969
accept-ranges
bytes
content-length
1835
expires
Tue, 02 Jul 2024 05:36:06 GMT
rtm
srv.main.ebayrtm.com/
44 B
459 B
Script
General
Full URL
https://srv.main.ebayrtm.com/rtm?RtmGetCapJs&p=18
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.211.162.8 , United States, ASN11643 (EBAY, US),
Reverse DNS
ufespubweb-madronaext-ebay-com-1-443.ufespubweb.svc.155.tess.io
Software
ebay-proxy-server /
Resource Hash
6e755cdc13f2487c5adeecd27a361e45d4c621b409c155a5af43e0bd2d4ab038
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:37 GMT
strict-transport-security
max-age=31536000
server
ebay-proxy-server
x-ebay-pop-id
SLBLVSAZ04
content-type
application/x-javascript;charset=UTF-8
x-envoy-upstream-service-time
9
rlogid
t6ndbulkgb%7Bq%3C%3Dpiejbathmdc%7Fw%280k6b%3F*w%60ut3527-18fc1a268c3-0x2351
down-rlogids
MadronaExt-To-MadronaExt=empty;
content-length
44
wduh1yzk1i2nbd1invggpgadl.js
secureir.ebaystatic.com/v4js/z/2r/
66 KB
22 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/2r/wduh1yzk1i2nbd1invggpgadl.js
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
e7d67c0b355ffe222d05cb0c6dd1c1143adaf9be23031c73682a0cb8b9f29d69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:37 GMT
content-encoding
gzip
x-cache-lookup
MISS from include-cache-0:8080
x-cdn
AKAMAI
strict-transport-security
max-age=31536000
akamai-grn
0.6df47568.1716940597.4e6d8637, 0.a7931102.1716940597.60c77e3
x-ebay-c-version
1.0.0
content-length
22019
last-modified
Tue, 23 Oct 2018 18:58:48 GMT
server
ebay server
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dpieufvuq%60%28uq43%7E*w%60ut3527-18d9816ed41-0xe3
access-control-allow-headers
*
expires
Wed, 29 May 2024 00:11:37 GMT
s.gif
securepics.ebaystatic.com/aw/pics/
49 B
0
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/s.gif
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:37 GMT
x-cache-lookup
HIT from pics-cache-2:8080
last-modified
Tue, 14 Nov 2023 02:47:44 GMT
server
Apache
etag
"31-60a13cfaaa6ef"
content-type
image/gif
cache-control
max-age=798555
accept-ranges
bytes
content-length
49
expires
Fri, 07 Jun 2024 05:45:52 GMT
sprBubbleHelp1.png
securepics.ebaystatic.com/aw/pics/cmp/ds2/
3 KB
3 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/cmp/ds2/sprBubbleHelp1.png
Requested by
Host: secureir.ebaystatic.com
URL: https://secureir.ebaystatic.com/v4css/z/qe/yj42dvrod253tpxfgkawgc4it.css#SignInApp_SgnIn_e773_Ear_en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ccf44591ff1ffd720ddc82cb0463a4b01cc3b7c439af2065bc15b2b98dea303
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secureir.ebaystatic.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:38 GMT
strict-transport-security
max-age=31536000
x-cache-lookup
MISS from pics-cache-3:8080
last-modified
Tue, 14 Nov 2023 02:39:17 GMT
server
Apache
etag
"c1a-60a13b16542a0"
content-type
image/png
cache-control
max-age=3886281
accept-ranges
bytes
content-length
3098
expires
Fri, 12 Jul 2024 23:27:59 GMT
sprButtons.png
securepics.ebaystatic.com/aw/pics/cmp/ds2/
11 KB
11 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/cmp/ds2/sprButtons.png
Requested by
Host: secureir.ebaystatic.com
URL: https://secureir.ebaystatic.com/v4css/z/qe/yj42dvrod253tpxfgkawgc4it.css#SignInApp_SgnIn_e773_Ear_en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2.19.217.73 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-73.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secureir.ebaystatic.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:38 GMT
strict-transport-security
max-age=31536000
x-cache-lookup
HIT from pics-cache-1:8080
last-modified
Tue, 14 Nov 2023 02:39:17 GMT
server
Apache
etag
"2a90-60a13b1654e5a"
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
content-length
10896
expires
Fri, 12 Jul 2024 23:56:38 GMT
favicon.ico
clantonenterprise.com/
1 KB
769 B
Other
General
Full URL
https://clantonenterprise.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.68.75 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
75.68.167.72.host.secureserver.net
Software
Apache /
Resource Hash
59453cc7ce58d6637ec6586b5794cdc8c151afadb9e599a7a494cef99eb6ff4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 23:56:38 GMT
content-encoding
br
last-modified
Fri, 18 Jun 2010 04:51:53 GMT
server
Apache
etag
"420bf4-47e-48946b6b6ec40-br"
vary
Accept-Encoding
content-type
image/x-icon
accept-ranges
bytes
content-length
650

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pages.ebay.com
URL
http://pages.ebay.com/messages/page_not_found.html
Domain
b.stats.ebay.com
URL
https://b.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=1
Domain
k4i7hgexxlhwt1as.stats.ebay.com
URL
https://k4i7hgexxlhwt1as.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| vjo string| clz function| ed object| deconcept function| getQueryParamValue function| FlashObject function| SWFObject boolean| _GlobalNavHeaderUtf8Encoding string| includeHost object| GH object| GH_config string| RoverDomainBaseUrl number| svrGMT string| pageID string| pageName function| _a2 function| _b2 function| _c2 function| _d2 function| _e2 function| _f2 function| _g2 function| _h2 function| _i2 function| _j2 function| _k2 function| _l2 function| _m2 function| _n2 function| _o2 function| _p2 function| _q2 function| _r2 function| _s2 undefined| AO_timer_resize undefined| AO_timer_scroll function| _t2 function| _u2 function| _v2 function| _w2 function| _x2 function| _y2 function| _z2 function| _ba2 function| _bb2 function| _bc2 function| _bd2 function| _be2 function| _bf2 function| _bg2 function| _bh2 function| _bi2 function| _bj2 function| _bk2 function| _bl2 function| _bm2 function| _bn2 function| _bo2 function| _bp2 function| _bq2 function| _br2 function| _bs2 function| _bt2 function| _bu2 function| setVariable string| cId object| AO_globals

0 Cookies

7 Console Messages

Source Level URL
Text
network error URL: https://k4i7hgexxlhwt1as.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=2
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://b.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://gh.ebaystatic.com/header/css/all.min?combo=31&rvr=34
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Message:
Mixed Content: The page at 'https://clantonenterprise.com/eBayISAPI/eBayISAPI.php' was loaded over HTTPS, but requested an insecure script 'http://pages.ebay.com/messages/page_not_found.html'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php(Line 39)
Message:
Mixed Content: The page at 'https://clantonenterprise.com/eBayISAPI/eBayISAPI.php' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://qu.ebay.com/survey?srvName=globalheader+%28footer-US%29'. This endpoint should be made available over a secure connection.
recommendation warning URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Message:
[DOM] Found 2 elements with non-unique id #ru: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o