manligtharavfall.se Open in urlscan Pro
104.21.11.100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://manligtharavfall.se/agricole/b9d1f/
Submission: On September 27 via automatic, source openphish (September 27th 2021, 1:14:38 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 104.21.11.100, located in and belongs to CLOUDFLARENET, US. The main domain is manligtharavfall.se.

This is the only time manligtharavfall.se was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address	AS Autonomous System
9 18	104.21.11.100 104.21.11.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	67.199.248.12 67.199.248.12	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
8	104.75.89.51 104.75.89.51	16625 (AKAMAI-AS) (AKAMAI-AS)
17	2

18 104.21.11.100 (None, ) 9 redirects

ASN13335 (CLOUDFLARENET, US)

manligtharavfall.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.199.248.12 (United States) 8 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: cname.bitly.com

ebay.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.89.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-51.deploy.static.akamaitechnologies.com

www.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	manligtharavfall.se 9 redirects manligtharavfall.se	168 KB
8	ebay.com www.ebay.com
8	ebay.to 8 redirects ebay.to	877 B
17	3

	Domain	Requested by
18	manligtharavfall.se	9 redirects manligtharavfall.se
8	www.ebay.com	manligtharavfall.se
8	ebay.to	8 redirects
17	3

This site contains no links.

Subject Issuer	Validity	Valid
www.ebay.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-25` - `2022-08-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://manligtharavfall.se/agricole/b9d1f/
Frame ID: 7F2445FAAEFB509242DC0120C9D49619
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://manligtharavfall.se/agricole/b9d1f HTTP 301
http://manligtharavfall.se/agricole/b9d1f/ Page URL

Page Statistics

17
Requests

47 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

162 kB
Transfer

302 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://manligtharavfall.se/agricole/b9d1f HTTP 301
http://manligtharavfall.se/agricole/b9d1f/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://manligtharavfall.se/agricole/b9d1f/img/main_repeat.png HTTP 302
https://ebay.to/3lRyYKk HTTP 301
https://www.ebay.com/itm/402411465686

Request Chain 9

http://manligtharavfall.se/agricole/b9d1f/img/entete_light.png HTTP 302
https://ebay.to/3lRyYKk HTTP 301
https://www.ebay.com/itm/402411465686

Request Chain 10

http://manligtharavfall.se/agricole/b9d1f/img/main_haut.png HTTP 302
https://ebay.to/3lRyYKk HTTP 301
https://www.ebay.com/itm/402411465686

Request Chain 11

http://manligtharavfall.se/agricole/b9d1f/img/picto_aide.png HTTP 302
https://ebay.to/3lRyYKk HTTP 301
https://www.ebay.com/itm/402411465686

Request Chain 12

http://manligtharavfall.se/agricole/b9d1f/img/bloc_arrond_bas.png HTTP 302
https://ebay.to/3lRyYKk HTTP 301
https://www.ebay.com/itm/402411465686

Request Chain 13

http://manligtharavfall.se/agricole/b9d1f/img/bloc_arrond_haut.png HTTP 302
https://ebay.to/3lRyYKk HTTP 301
https://www.ebay.com/itm/402411465686

Request Chain 14

http://manligtharavfall.se/agricole/b9d1f/img/thead.png HTTP 302
https://ebay.to/3lRyYKk HTTP 301
https://www.ebay.com/itm/402411465686

Request Chain 15

http://manligtharavfall.se/agricole/b9d1f/img/bg_form.png HTTP 302
https://ebay.to/3lRyYKk HTTP 301
https://www.ebay.com/itm/402411465686

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response manligtharavfall.se/agricole/b9d1f/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f http://manligtharavfall.se/agricole/b9d1f/	22 KB 7 KB	58ms 58ms	Document text/html	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3ab1fae138f193fc2401fec657282e3a62956a434534161e3dd9f34209769c96` Request headers Host manligtharavfall.se Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive vary Accept-Encoding CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yzxRGiKo%2BH1hn8Hrgo69uLY5eUgfdEOqcrQUYsD%2BocTmtK2FDRuphPd2ViuTnIcjGYhjq%2Bv4mFjmga%2Bquxgh8kaugfLyQl%2FXAcnJ9ojKn8NGWXJh85hNBF3%2Bvn6AC%2BXkcn1M1wZ"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6954fee4794140cf-CDG Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers Date Mon, 27 Sep 2021 13:14:33 GMT Content-Type text/html; charset=iso-8859-1 Transfer-Encoding chunked Connection keep-alive location http://manligtharavfall.se/agricole/b9d1f/ CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMAIbaNB1THZK%2F7GfpZwkatfbF6Xy%2B%2Be1gSPWNVLhA3KbqmUBvuwf4jmjcggpfxGuXZH97yEGbDvzeQqz5rzaqITguRRHJqFikqZAmpZeNDW4IvB2CNUQ7dl2llr6TF9M7f8zlRs"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6954fee3cfec40cf-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	antiquus.css manligtharavfall.se/agricole/b9d1f/img/	27 KB 4 KB	90ms 90ms	Stylesheet text/css	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://manligtharavfall.se/agricole/b9d1f/img/antiquus.css Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b12a4b22caaef4212f2009c98ad1f0839d4eb305963b9fe34e733ed39c613906` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host manligtharavfall.se Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,/;q=0.1 Referer http://manligtharavfall.se/agricole/b9d1f/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/agricole/b9d1f/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 3263 last-modified Tue, 18 Feb 2020 08:12:29 GMT Server cloudflare etag "6de0-59ed53ba0726b-gzip" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHCLlqRZbwcDkB8PQfO2iRo2K9dDms2xUElU%2BqHpF3j2iMmm4Ly20SkT0rfaEW9Dyc%2FNmTPOmJkyEF2pflI%2BVjJWB3T0xOqO2UJGhHMh8p%2BuItu%2FfSKlG0ZXv%2Bj5bs44wDLYgE%2B6"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6954fee4fa0540cf-CDG
GET H/1.1	200 OK	styles.css manligtharavfall.se/agricole/b9d1f/img/	91 KB 15 KB	152ms 137ms	Stylesheet text/css	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://manligtharavfall.se/agricole/b9d1f/img/styles.css Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `998a6dcd6933dbbeb0df3491f66485dffc51cc1b86b78e6c947309b49f69ef07` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host manligtharavfall.se Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,/;q=0.1 Referer http://manligtharavfall.se/agricole/b9d1f/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/agricole/b9d1f/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 14846 last-modified Tue, 18 Feb 2020 08:12:29 GMT Server cloudflare etag "16d5a-59ed53ba0726b-gzip" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtsyXuIO9tNzPT67Wji5s0jqzVC4C1dxyk1VDMMWhtk2nlqPvcw3LTyfV5ucXcaGqeBF3dmLbSZap%2FrL34CHU8lK5TJGD2g7ih9dp7furGGWETl6%2BAEGqHW3EwZy3xJL3S6oDTN%2B"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6954fee50ef23b9d-CDG
GET H/1.1	200 OK	styles-mod.css manligtharavfall.se/agricole/b9d1f/img/	17 KB 5 KB	108ms 93ms	Stylesheet text/css	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://manligtharavfall.se/agricole/b9d1f/img/styles-mod.css Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a039f4dc8a5176a76d1bd43d001ebdc43a078de91784bcf124a80ed176b18334` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host manligtharavfall.se Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,/;q=0.1 Referer http://manligtharavfall.se/agricole/b9d1f/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/agricole/b9d1f/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 3905 last-modified Tue, 18 Feb 2020 08:12:29 GMT Server cloudflare etag "4206-59ed53ba0726b-gzip" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiQRoPzhDlNt%2B61OvplcdmfSo0ulEONyXSQU1fy3QezhZZQKbTfmKpgHzzcGbxDLL5LF36V3LKEiAoeqsV34RWmpNUVoiRl1asCCkXevYWHaIGEuUwGrB4JB6E2vBuwA%2BM5nnWPB"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6954fee50e9eedef-CDG
GET H/1.1	200 OK	stb.css manligtharavfall.se/agricole/b9d1f/img/	4 KB 2 KB	115ms 99ms	Stylesheet text/css	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://manligtharavfall.se/agricole/b9d1f/img/stb.css Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f2bf55059385af8479348599359f58c9653580315dd91a73c27b78247d72057d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host manligtharavfall.se Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,/;q=0.1 Referer http://manligtharavfall.se/agricole/b9d1f/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/agricole/b9d1f/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 1054 last-modified Tue, 18 Feb 2020 08:12:29 GMT Server cloudflare etag "f71-59ed53ba0726b-gzip" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnSLKeyf6jSqp6ty5RxIh4972FMVVYktCVsPSuYiaBbCj7PVYzlwwYi2VkfthpG63CgNUUxvAVzS%2FF8oCsGZYmV4q5CATjOpmcga6PeVPlOeChSNPPreZQRQ%2B0mv8Tg4LEulfEpc"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6954fee5192040f3-CDG
GET H/1.1	200 OK	infosbulle.js Show response manligtharavfall.se/agricole/b9d1f/img/	18 KB 5 KB	103ms 87ms	Script application/javascript	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://manligtharavfall.se/agricole/b9d1f/img/infosbulle.js Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `825c08ee02e0e09890aff63d85ddf4af1889ff7895222756c7d757fdccd49736` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host manligtharavfall.se Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept / Referer http://manligtharavfall.se/agricole/b9d1f/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/agricole/b9d1f/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 3978 last-modified Tue, 18 Feb 2020 08:12:29 GMT Server cloudflare etag "4734-59ed53ba0726b-gzip" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uixo9x1TOF4h6ZTsNrQGyUOzBdBUp7xiaRpsnEB0jbi5HkA5rnFC2Hp8LJ6yR634InIuxuLkAgU8gxDJkAJYsY%2BZBBKw5sAbAdZyPWrkIdojGNpnrzVPzpZNjbqWPQwd8JdaFhPG"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Cache-Control max-age=14400 Accept-Ranges bytes CF-RAY 6954fee50de40877-CDG
GET H/1.1	200 OK	526614logo878.png manligtharavfall.se/agricole/b9d1f/img/	11 KB 12 KB	89ms 89ms	Image image/png	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://manligtharavfall.se/agricole/b9d1f/img/526614logo878.png Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c556f78060563ad573621734b8df8edc74c22991b780a59b48f3066e539163a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host manligtharavfall.se Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://manligtharavfall.se/agricole/b9d1f/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/agricole/b9d1f/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT CF-Cache-Status MISS last-modified Tue, 18 Feb 2020 08:12:29 GMT Server cloudflare etag "2cda-59ed53ba0726b" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ioNLptOmC09OS7p04UQVayQr6c%2BsLLV2aY5tKXOs6Ojhl%2F%2F7hSX%2FF1YM9yIvA8oD%2F%2F69JKjIzNQX8grhri6eWbv%2Bal2gYngNpmqrJyY3uvNMp%2FYy1A9kBWNI0qZAfpNeIPKCw1%2F"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6954fee5aa7140f3-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 11482
GET H/1.1	200 OK	Idt_Bam_Promo.jpg manligtharavfall.se/agricole/b9d1f/img/	111 KB 112 KB	182ms 182ms	Image image/jpeg	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://manligtharavfall.se/agricole/b9d1f/img/Idt_Bam_Promo.jpg Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c51c1f2d16a21f981621dea0fabb17b9d1104adc8b0ace93832c1ac65da0ae6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host manligtharavfall.se Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://manligtharavfall.se/agricole/b9d1f/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/agricole/b9d1f/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT CF-Cache-Status MISS last-modified Tue, 18 Feb 2020 08:12:29 GMT Server cloudflare etag "1bce6-59ed53ba0726b" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vY6PUDfo88Cjg7ed1dfNE1OKWKrrmy8SOIp09Nr5FuRRrohh38a%2FgVyrOSWgw22kcags1tSx9UMfkWxqw1tWt8yrQviVeBV0hZJ8WJsWWjnYqYePOyXoZ5HfR1yhop1EQTA4Hxsq"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6954fee5e8a83b9d-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 113894
GET H/1.1	200 OK	point_transp.gif manligtharavfall.se/agricole/b9d1f/img/	87 B 863 B	90ms 90ms	Image image/gif	104.21.11.100 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://manligtharavfall.se/agricole/b9d1f/img/point_transp.gif Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/ Protocol HTTP/1.1 Server 104.21.11.100 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host manligtharavfall.se Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://manligtharavfall.se/agricole/b9d1f/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/agricole/b9d1f/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 13:14:33 GMT CF-Cache-Status MISS last-modified Tue, 18 Feb 2020 08:12:29 GMT Server cloudflare etag "57-59ed53ba0726b" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7S6T1prHxVDO%2Bgcfnwmkop5kCk%2F5hNOQOIVji2soO8rZIAQns2fNxhWdg9yiB9EwSwO1A7gH60e4Sirj5QZ6cy7kSuBupTba%2Fm42rJvDEUE5jfm0F1dDECw4Ul%2FUCVzUQ5K2QoG"}],"group":"cf-nel","max_age":604800} Content-Type image/gif Cache-Control max-age=14400 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive Accept-Ranges bytes CF-RAY 6954fee5ff78edef-CDG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 87
GET H2	404	402411465686 www.ebay.com/itm/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f/img/main_repeat.png https://ebay.to/3lRyYKk https://www.ebay.com/itm/402411465686	0 0	506ms 440ms	Image text/html	104.75.89.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay.com/itm/402411465686 Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/img/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers content-security-policy referrer always; referrer-policy unsafe-url server nginx date Mon, 27 Sep 2021 13:14:33 GMT strict-transport-security max-age=1209600 content-type text/html; charset=utf-8 location https://www.ebay.com/itm/402411465686 cache-control private, max-age=90 content-length 124
GET H2	404	402411465686 www.ebay.com/itm/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f/img/entete_light.png https://ebay.to/3lRyYKk https://www.ebay.com/itm/402411465686	0 0	531ms 458ms	Image text/html	104.75.89.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay.com/itm/402411465686 Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/img/styles-mod.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers content-security-policy referrer always; referrer-policy unsafe-url server nginx date Mon, 27 Sep 2021 13:14:33 GMT strict-transport-security max-age=1209600 content-type text/html; charset=utf-8 location https://www.ebay.com/itm/402411465686 cache-control private, max-age=90 content-length 124
GET H2	404	402411465686 www.ebay.com/itm/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f/img/main_haut.png https://ebay.to/3lRyYKk https://www.ebay.com/itm/402411465686	0 0	497ms 430ms	Image text/html	104.75.89.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay.com/itm/402411465686 Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/img/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers content-security-policy referrer always; referrer-policy unsafe-url server nginx date Mon, 27 Sep 2021 13:14:33 GMT strict-transport-security max-age=1209600 content-type text/html; charset=utf-8 location https://www.ebay.com/itm/402411465686 cache-control private, max-age=90 content-length 124
GET H2	404	402411465686 www.ebay.com/itm/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f/img/picto_aide.png https://ebay.to/3lRyYKk https://www.ebay.com/itm/402411465686	0 0	357ms 356ms	Image text/html	104.75.89.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay.com/itm/402411465686 Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/img/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers content-security-policy referrer always; referrer-policy unsafe-url server nginx date Mon, 27 Sep 2021 13:14:34 GMT strict-transport-security max-age=1209600 content-type text/html; charset=utf-8 location https://www.ebay.com/itm/402411465686 cache-control private, max-age=90 content-length 124
GET H2	404	402411465686 www.ebay.com/itm/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f/img/bloc_arrond_bas.png https://ebay.to/3lRyYKk https://www.ebay.com/itm/402411465686	0 0	474ms 408ms	Image text/html	104.75.89.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay.com/itm/402411465686 Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/img/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers content-security-policy referrer always; referrer-policy unsafe-url server nginx date Mon, 27 Sep 2021 13:14:33 GMT strict-transport-security max-age=1209600 content-type text/html; charset=utf-8 location https://www.ebay.com/itm/402411465686 cache-control private, max-age=90 content-length 124
GET H2	404	402411465686 www.ebay.com/itm/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f/img/bloc_arrond_haut.png https://ebay.to/3lRyYKk https://www.ebay.com/itm/402411465686	0 0	459ms 393ms	Image text/html	104.75.89.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay.com/itm/402411465686 Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/img/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers content-security-policy referrer always; referrer-policy unsafe-url server nginx date Mon, 27 Sep 2021 13:14:33 GMT strict-transport-security max-age=1209600 content-type text/html; charset=utf-8 location https://www.ebay.com/itm/402411465686 cache-control private, max-age=90 content-length 124
GET H2	404	402411465686 www.ebay.com/itm/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f/img/thead.png https://ebay.to/3lRyYKk https://www.ebay.com/itm/402411465686	0 0	439ms 366ms	Image text/html	104.75.89.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay.com/itm/402411465686 Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/img/styles-mod.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers content-security-policy referrer always; referrer-policy unsafe-url server nginx date Mon, 27 Sep 2021 13:14:33 GMT strict-transport-security max-age=1209600 content-type text/html; charset=utf-8 location https://www.ebay.com/itm/402411465686 cache-control private, max-age=90 content-length 124
GET H2	404	402411465686 www.ebay.com/itm/ Redirect Chain http://manligtharavfall.se/agricole/b9d1f/img/bg_form.png https://ebay.to/3lRyYKk https://www.ebay.com/itm/402411465686	0 0	563ms 487ms	Image text/html	104.75.89.51 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay.com/itm/402411465686 Requested by Host: manligtharavfall.se URL: http://manligtharavfall.se/agricole/b9d1f/img/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.89.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-89-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://manligtharavfall.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Redirect headers content-security-policy referrer always; referrer-policy unsafe-url server nginx date Mon, 27 Sep 2021 13:14:33 GMT strict-transport-security max-age=1209600 content-type text/html; charset=utf-8 location https://www.ebay.com/itm/402411465686 cache-control private, max-age=90 content-length 124

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.ebay.com/itm/402411465686 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ebay.com/itm/402411465686 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ebay.com/itm/402411465686 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ebay.com/itm/402411465686 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ebay.com/itm/402411465686 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ebay.com/itm/402411465686 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ebay.com/itm/402411465686 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.ebay.com/itm/402411465686 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ebay.to
manligtharavfall.se
www.ebay.com
104.21.11.100
104.75.89.51
67.199.248.12
0c51c1f2d16a21f981621dea0fabb17b9d1104adc8b0ace93832c1ac65da0ae6
0c556f78060563ad573621734b8df8edc74c22991b780a59b48f3066e539163a
3ab1fae138f193fc2401fec657282e3a62956a434534161e3dd9f34209769c96
7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57
825c08ee02e0e09890aff63d85ddf4af1889ff7895222756c7d757fdccd49736
998a6dcd6933dbbeb0df3491f66485dffc51cc1b86b78e6c947309b49f69ef07
a039f4dc8a5176a76d1bd43d001ebdc43a078de91784bcf124a80ed176b18334
b12a4b22caaef4212f2009c98ad1f0839d4eb305963b9fe34e733ed39c613906
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2bf55059385af8479348599359f58c9653580315dd91a73c27b78247d72057d

manligtharavfall.se Open in urlscan Pro 104.21.11.100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

17 Requests

47 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

162 kBTransfer

302 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

manligtharavfall.se Open in urlscan Pro
104.21.11.100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

47 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

162 kB
Transfer

302 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!