clantonenterprise.com
72.167.68.75  Malicious Activity! Public Scan

URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Submission: On October 31 via automatic, source openphish — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 72.167.68.75, located in United States and belongs to GO-DADDY-COM-LLC, US. The main domain is clantonenterprise.com.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.
This is the only time clantonenterprise.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

Requests  IP Address      AS Autonomous System
1         72.167.68.75    398101 (GO-DADDY-...)
4         104.75.89.51    16625 (AKAMAI-AS)
1         104.75.89.144   16625 (AKAMAI-AS)
5         23.35.237.31    16625 (AKAMAI-AS)
1         66.211.163.8    11643 (EBAY)
Total: 16 requests, 6 IPs

Requests  Apex Domain / Subdomains                                  Transfer
10        ebaystatic.com                                            116 KB
            secureir.ebaystatic.com — Cisco Umbrella Rank: 7367
            gh.ebaystatic.com
            securepics.ebaystatic.com — Cisco Umbrella Rank: 32780
1         ebayrtm.com                                               413 B
            srv.main.ebayrtm.com — Cisco Umbrella Rank: 12307
1         clantonenterprise.com                                     6 KB
            clantonenterprise.com
0         ebay.com                                                  Failed
            b.stats.ebay.com (Failed)
            k4i7hgexxlhwt1as.stats.ebay.com (Failed)
            pages.ebay.com (Failed)
Total: 16 requests, 4 domains

Requests  Domain                                     Requested by
5         securepics.ebaystatic.com                  clantonenterprise.com, secureir.ebaystatic.com
4         secureir.ebaystatic.com                    clantonenterprise.com
1         srv.main.ebayrtm.com                       clantonenterprise.com
1         gh.ebaystatic.com                          clantonenterprise.com
1         clantonenterprise.com
0         pages.ebay.com (Failed)                    clantonenterprise.com
0         k4i7hgexxlhwt1as.stats.ebay.com (Failed)   clantonenterprise.com
0         b.stats.ebay.com (Failed)                  clantonenterprise.com
Total: 16 requests, 8 subdomains

This site contains no links.

Subject                      Issuer                                                 Validity                  Valid
webdisk.monetaryheresy.com   R3                                                     2023-10-30 - 2024-01-28   3 months
www.ebay.com                 Sectigo RSA Organization Validation Secure Server CA   2023-08-02 - 2024-08-01   a year
adcmd.befr.ebay.be           Sectigo RSA Organization Validation Secure Server CA   2023-07-31 - 2024-07-30   a year

This page contains 1 frames:

Primary Page: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Frame ID: 4E2E61F223B111588852706163938794
Requests: 16 HTTP requests in this frame

Page Statistics

Requests: 16
HTTPS: 75 %
IPv6: 0 %
Domains: 4
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 122 kB
Size: 269 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://gh.ebaystatic.com/header/js/light.min?combo=31&rvr=59 HTTP 0
  • http://pages.ebay.com/messages/page_not_found.html

16 HTTP transactions

Each entry lists: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
clantonenterprise.com/eBayISAPI/eBayISAPI.php/
17 KB
6 KB
Document
General
Full URL
https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.167.68.75 , United States, ASN398101 (GO-DADDY-COM-LLC, US),
Reverse DNS
75.68.167.72.host.secureserver.net
Software
Apache / PHP/7.3.33
Resource Hash
ae3197c8ecdba81e983eac1a437d7253c2a0e501eb47a4042c8b096e456da821

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
5727
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 02:25:58 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
yj42dvrod253tpxfgkawgc4it.css
secureir.ebaystatic.com/v4css/z/qe/
18 KB
5 KB
Stylesheet
General
Full URL
https://secureir.ebaystatic.com/v4css/z/qe/yj42dvrod253tpxfgkawgc4it.css
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-51.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
45b8a6ae408ed4cf28f21c53db7144daec07b5ced46e3a268dacf6387478d9b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:25:58 GMT
content-encoding
br
x-cache-lookup
MISS from include-cache-2:8080
x-cdn
AKAMAI
strict-transport-security
max-age=31536000
akamai-grn
0.1cd53e17.1698657573.a693b3b, 0.8b6656b8.1698719158.1374f57e
x-ebay-c-version
1.0.0
content-length
4102
last-modified
Mon, 30 Oct 2023 09:19:33 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dqkiufvuq%60%28b%3F5gp*w%60ut3541-18b7fe19a36-0xdf
x-ebay-request-id
18b7fe19-a360-a4d6-f581-e6aeffffd4c8!v3resource.cview!rnoressvc-d86bv-tess0026.stratus.rno.ebay.com!r1ressvc[]
access-control-allow-headers
*
expires
Wed, 30 Oct 2024 02:25:58 GMT
1qqc345kge1utev0egp1or2oh.js
secureir.ebaystatic.com/v4js/z/m4/
102 KB
28 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/m4/1qqc345kge1utev0egp1or2oh.js
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-51.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
8407e73b7c371e038730227361124286d879520d5e6c5e301ce8c1545db58742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:25:58 GMT
content-encoding
br
x-cache-lookup
HIT from include-cache-1:8080
x-cdn
AKAMAI
strict-transport-security
max-age=31536000
akamai-grn
0.51b03b17.1696552074.3a3e60d2, 0.8b6656b8.1698719158.1374f57f
x-ebay-c-version
1.0.0
content-length
28230
last-modified
Fri, 06 Oct 2023 00:27:55 GMT
server
Akamai Resource Optimizer
warning
113 squid "This cache hit is still fresh and more than 1 day old"
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dpieufvuq%60%28kpriq*w%60ut3522-18ae897390f-0xdc
x-ebay-request-id
18ae8973-90f0-a558-e501-0638fffbdfe9!v3resource.cview!slcressvc-mwqlw-tess0045.stratus.slc.ebay.com!r1ressvc[]
access-control-allow-headers
*
expires
Wed, 30 Oct 2024 02:25:58 GMT
341wgvdjgy2abb1qzf3cxflzf.js
secureir.ebaystatic.com/v4js/z/eu/
6 KB
3 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/eu/341wgvdjgy2abb1qzf3cxflzf.js
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-51.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
116f9313e1d61163990a6ac705181bbcf1ca01c93176f49fa502bf505dbac109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
152, 152, 152, 152
date
Tue, 31 Oct 2023 02:25:58 GMT
content-encoding
br
x-cache-lookup
MISS from include-cache-3:8080
x-cdn
AKAMAI
strict-transport-security
max-age=31536000
akamai-grn
0.8e1f1eb8.1684482647.92cc4c, , , 0.8b6656b8.1698719158.1374f580
x-edgeconnect-midmile-rtt
0, 0, 114, 0
x_ak_parent_ip_1
104.117.244.113
x-ebay-c-version
1.0.0
content-length
1873
last-modified
Fri, 19 May 2023 07:50:48 GMT
server
Akamai Resource Optimizer
x-edgeconnect-cache-status
1
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dqkiufvuq%60%28pv%3A%7D4*w%60ut3542-18832fd673d-0xc7
x-ebay-request-id
18832fd6-73d0-a6e5-5701-5b8fffed6418!v3resource.cview!rnoressvc-vq9x2-tess0025.stratus.rno.ebay.com!r1ressvc[]
access-control-allow-headers
*
expires
Wed, 30 Oct 2024 02:25:58 GMT
all.min
gh.ebaystatic.com/header/css/
0
0
Stylesheet
General
Full URL
https://gh.ebaystatic.com/header/css/all.min?combo=31&rvr=34
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.75.89.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-144.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:25:59 GMT
strict-transport-security
max-age=31536000
x-cache-lookup
MISS from include-cache-3:8080
server
ebay server
x-cdn
AKAMAI
akamai-grn
0.986656b8.1698719158.f1ff65e
cache-control
public, max-age=31536000, immutable
content-length
0
expires
Wed, 30 Oct 2024 02:25:59 GMT
s.gif
securepics.ebaystatic.com/aw/pics/
49 B
265 B
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/s.gif
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.35.237.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:25:58 GMT
x-cache-lookup
MISS from pics-cache-2:8080
last-modified
Tue, 30 May 2017 21:03:22 GMT
server
Apache
etag
"31-550c4224c68c3"
content-type
image/gif
cache-control
max-age=2995473
accept-ranges
bytes
content-length
49
x-xss-protection
1; mode=block
expires
Mon, 04 Dec 2023 18:30:31 GMT
light.min
gh.ebaystatic.com/header/js/
0
0

eBayISAPI.dll
b.stats.ebay.com/ws/
0
0

eBayISAPI.dll
k4i7hgexxlhwt1as.stats.ebay.com/ws/
0
0

imgEBPSignIn455x315.jpg
securepics.ebaystatic.com/aw/pics/buy/trust/
44 KB
44 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/buy/trust/imgEBPSignIn455x315.jpg
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.35.237.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1d17cc06314dcbe245ec6ef9adbbce2952775f591999c8a9c1300d6e16c9d887
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:25:58 GMT
x-cache-lookup
MISS from pics-cache-1:8080
last-modified
Tue, 30 May 2017 20:58:29 GMT
server
Apache
etag
"b070-550c410d51419"
content-type
image/jpeg
cache-control
max-age=3826387
accept-ranges
bytes
content-length
45168
x-xss-protection
1; mode=block
expires
Thu, 14 Dec 2023 09:19:05 GMT
logoVeriSign_100x65.gif
securepics.ebaystatic.com/aw/pics/logos/
2 KB
2 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/logos/logoVeriSign_100x65.gif
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.35.237.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
80e06f41aef51aba092b9dd89d0441450c13b3d6e711272b493c0cbd1db9f42f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:25:58 GMT
x-cache-lookup
HIT from pics-cache-1:8080
last-modified
Tue, 30 May 2017 20:59:56 GMT
server
Apache
etag
"72b-550c415fcc116"
x-edgeconnect-cache-status
1
content-type
image/gif
cache-control
max-age=3826369
accept-ranges
bytes
content-length
1835
x-xss-protection
1; mode=block
expires
Thu, 14 Dec 2023 09:18:47 GMT
rtm
srv.main.ebayrtm.com/
44 B
413 B
Script
General
Full URL
https://srv.main.ebayrtm.com/rtm?RtmGetCapJs&p=18
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
66.211.163.8 , United States, ASN11643 (EBAY, US),
Reverse DNS
madronaext-public-rnoaz05-1-1.ebay.com
Software
ebay-proxy-server /
Resource Hash
6e755cdc13f2487c5adeecd27a361e45d4c621b409c155a5af43e0bd2d4ab038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:25:58 GMT
server
ebay-proxy-server
x-ebay-pop-id
SLBRNOAZ05
content-type
application/x-javascript;charset=UTF-8
x-envoy-upstream-service-time
25
rlogid
t6ndbulkgb%7Bq%3C%3Dqkijbathmdc%7Fw%28ka4sb*w%60ut3550-18b838d54a4-0x2328
down-rlogids
MadronaExt-To-MadronaExt=empty;
content-length
44
wduh1yzk1i2nbd1invggpgadl.js
secureir.ebaystatic.com/v4js/z/2r/
66 KB
20 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/2r/wduh1yzk1i2nbd1invggpgadl.js
Requested by
Host: clantonenterprise.com
URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-51.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e7d67c0b355ffe222d05cb0c6dd1c1143adaf9be23031c73682a0cb8b9f29d69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://clantonenterprise.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:25:58 GMT
content-encoding
br
x-cache-lookup
MISS from include-cache-0:8080
x-cdn
AKAMAI
strict-transport-security
max-age=31536000
akamai-grn
0.06951160.1694467249.2ec1d02, 0.8b6656b8.1698719158.1374f581
x-ebay-c-version
1.0.0
content-length
19740
last-modified
Mon, 11 Sep 2023 21:20:50 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dqkiufvuq%60%28p2smq*w%60ut3541-18a861e5512-0xe1
x-ebay-request-id
18a861e5-5120-ad34-6351-cd58ffff8701!v3resource.cview!rnoressvc-v5phw-tess0026.stratus.rno.ebay.com!r1ressvc[]
access-control-allow-headers
*
expires
Wed, 30 Oct 2024 02:25:58 GMT
page_not_found.html
pages.ebay.com/messages/
Redirect Chain
  • https://gh.ebaystatic.com/header/js/light.min?combo=31&rvr=59
  • http://pages.ebay.com/messages/page_not_found.html
0
0

sprBubbleHelp1.png
securepics.ebaystatic.com/aw/pics/cmp/ds2/
3 KB
3 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/cmp/ds2/sprBubbleHelp1.png
Requested by
Host: secureir.ebaystatic.com
URL: https://secureir.ebaystatic.com/v4css/z/qe/yj42dvrod253tpxfgkawgc4it.css#SignInApp_SgnIn_e773_Ear_en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.35.237.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ccf44591ff1ffd720ddc82cb0463a4b01cc3b7c439af2065bc15b2b98dea303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secureir.ebaystatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:26:00 GMT
x-cache-lookup
MISS from pics-cache-0:8080
last-modified
Tue, 30 May 2017 20:58:47 GMT
server
Apache
etag
"c1a-550c411e4e0c1"
content-type
image/png
cache-control
max-age=3503985
accept-ranges
bytes
content-length
3098
expires
Sun, 10 Dec 2023 15:45:45 GMT
sprButtons.png
securepics.ebaystatic.com/aw/pics/cmp/ds2/
11 KB
11 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/cmp/ds2/sprButtons.png
Requested by
Host: secureir.ebaystatic.com
URL: https://secureir.ebaystatic.com/v4css/z/qe/yj42dvrod253tpxfgkawgc4it.css#SignInApp_SgnIn_e773_Ear_en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.35.237.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secureir.ebaystatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:26:00 GMT
x-cache-lookup
HIT from pics-cache-1:8080
last-modified
Tue, 30 May 2017 20:58:47 GMT
server
Apache
etag
"2a90-550c411e4e891"
content-type
image/png
cache-control
max-age=3814127
accept-ranges
bytes
content-length
10896
x-xss-protection
1; mode=block
expires
Thu, 14 Dec 2023 05:54:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gh.ebaystatic.com
URL
https://gh.ebaystatic.com/header/js/light.min?combo=31&rvr=59
Domain
b.stats.ebay.com
URL
https://b.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=1
Domain
k4i7hgexxlhwt1as.stats.ebay.com
URL
https://k4i7hgexxlhwt1as.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=2
Domain
pages.ebay.com
URL
http://pages.ebay.com/messages/page_not_found.html

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

5 Console Messages

Source Level URL
Text
network error URL: https://b.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://k4i7hgexxlhwt1as.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=2
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://gh.ebaystatic.com/header/css/all.min?combo=31&rvr=34
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/
Message:
Mixed Content: The page at 'https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/' was loaded over HTTPS, but requested an insecure script 'http://pages.ebay.com/messages/page_not_found.html'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/(Line 39)
Message:
Mixed Content: The page at 'https://clantonenterprise.com/eBayISAPI/eBayISAPI.php/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://qu.ebay.com/survey?srvName=globalheader+%28footer-US%29'. This endpoint should be made available over a secure connection.