URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06Q...
Submission: On December 14 via api from GB

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 199.79.62.108, located in Burlington, United States and belongs to PUBLIC-DOMAIN-REGISTRY - PDR, US. The main domain is shreevaartha.org.
This is the only time shreevaartha.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

IP Address / AS / Autonomous System (request count per IP; "1 redirect" where the report flags one)
  6 requests  199.79.62.108   AS394695 (PUBLIC-DO...)  1 redirect
  5 requests  152.199.23.155  AS15133 (EDGECAST)
  2 requests  23.210.248.226  AS16625 (AKAMAI-AS)
  2 requests  64.4.245.84     AS17012 (PAYPAL)         1 redirect
  Total: 13 requests, 5 IPs
Apex Domain (requests) / Subdomains / Transfer
  shreevaartha.org (6)   shreevaartha.org                                         125 KB
  ebaystatic.com (5)     ir.ebaystatic.com                                        54 KB
  paypal.com (4)         c.paypal.com, b.stats.paypal.com, dub.stats.paypal.com   18 KB
  Total: 13 requests, 3 apex domains
Domain (requests) / Requested by
  shreevaartha.org (6, 1 redirect)      shreevaartha.org
  ir.ebaystatic.com (5)                 shreevaartha.org
  c.paypal.com (2)                      shreevaartha.org, c.paypal.com
  dub.stats.paypal.com (1)              shreevaartha.org
  b.stats.paypal.com (1, 1 redirect)
  Total: 13 requests, 5 domains

This site contains links to these domains.

Domain
www.ebay.co.uk
reg.ebay.co.uk
pages.ebay.co.uk
trustsealinfo.websecurity.norton.com

TLS certificates

Subject / Issuer / Validity / Valid
  ir.ebaystatic.com    DigiCert SHA2 Secure Server CA                2019-07-12 - 2021-03-23   2 years (crt.sh)
  www.paypal.com       DigiCert SHA2 Extended Validation Server CA   2019-09-10 - 2020-08-18   a year (crt.sh)
  b.stats.paypal.com   DigiCert SHA2 High Assurance Server CA        2018-02-16 - 2020-04-29   2 years (crt.sh)

This page contains 4 frames:

Primary Page: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Frame ID: 75E5A5BD0A3AB5D29A3B7EDC693B9E75
Requests: 12 HTTP requests in this frame

Frame: https://c.paypal.com/da/r/efb.js
Frame ID: C27F953A00C5070507137E3E7C895488
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/efb.js
Frame ID: 69D9FBD45661E31DF5DF1B4C57C6D93E
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi
Frame ID: 4972A7DEB61450E0F8FFBCA5EB74E7BF
Requests: 1 HTTP requests in this frame

Detected technologies

OpenSSL (overall confidence: 100%)
  Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (overall confidence: 100%)
  Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

  13 requests
  62 % HTTPS
  0 % IPv6
  3 domains
  5 subdomains
  5 IPs
  2 countries
  196 kB transfer
  484 kB size
  0 cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P HTTP 301
    http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD05Y2RmNWNhODE2ZTBhOWUwZjY0MzliNjRmZmFiYmFlMiZpPTE3Mi45NC4xMDQuNTYmdD0xNTc0NjIyMjcxNjI1JmE9MjDzYhIfQwmneWYyrg_Q8fWfvrRTGw== HTTP 302
  • https://dub.stats.paypal.com/counter2.cgi

13 HTTP transactions

Each transaction is listed as Resource, Path, Size, x-fer (bytes transferred), Type and MIME-Type, followed by its General, Request headers and Response headers sections.

Resource: Primary Request /
Path: shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Redirect Chain
  • http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P
  • http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Size: 219 KB  x-fer: 55 KB  Type: Document
General
Full URL
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
HTTP/1.1
Server
199.79.62.108 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS
bh-23.webhostbox.net
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 / PHP/5.3.29
Resource Hash
4eeb83f55d515b1c495bf1b5d98d0d3adff0c243acbca22d29b1ab33d23b20d9

Request headers

Host
shreevaartha.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 18:38:37 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
X-Powered-By
PHP/5.3.29
Upgrade
h2,h2c
Connection
Upgrade
Accept-Ranges
none
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html

Redirect headers

Date
Sat, 14 Dec 2019 18:38:37 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
Location
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Content-Length
336
Content-Type
text/html; charset=iso-8859-1

Resource: 34wtddjp0q1v1dtu2elv5jwg4yf.css
Path: shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/
Size: 4 KB  x-fer: 2 KB  Type: Stylesheet
General
Full URL
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/34wtddjp0q1v1dtu2elv5jwg4yf.css
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
HTTP/1.1
Server
199.79.62.108 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS
bh-23.webhostbox.net
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
ddd6e288270268de6b427fb4760e0d1384fff8e72a643faa642d4f51203b0efe

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 18:38:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Dec 2019 00:01:08 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade
Accept-Ranges
none
Content-Type
text/css
Content-Length
1924

Resource: signin-Ek2-eBGv.css
Path: shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/
Size: 155 KB  x-fer: 62 KB  Type: Stylesheet
General
Full URL
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/signin-Ek2-eBGv.css
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
HTTP/1.1
Server
199.79.62.108 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS
bh-23.webhostbox.net
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
6fa024b2398c0c6f525e91c99c6a73ff0ebbcaa617f2fb1a5ea7023e19d104bd

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 18:38:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Dec 2019 00:01:15 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
Vary
Accept-Encoding
Upgrade
h2,h2c
Transfer-Encoding
chunked
Connection
Upgrade
Accept-Ranges
none
Content-Type
text/css

Resource: fxxj3ttftm5ltcqnto1o4baovyl.png
Path: shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/
Size: 5 KB  x-fer: 5 KB  Type: Image
General
Full URL
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/fxxj3ttftm5ltcqnto1o4baovyl.png
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
HTTP/1.1
Server
199.79.62.108 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS
bh-23.webhostbox.net
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 18:38:38 GMT
Last-Modified
Fri, 06 Dec 2019 00:01:11 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
ETag
"55408b0-12d4-598fdbe5b5e72"
Upgrade
h2,h2c
Connection
Upgrade
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4820

Resource: truncated (data: URI)
Path: /
Size: 0  x-fer: 0  Type: Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8

Resource: 9.gif
Path: shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/
Size: 42 B  x-fer: 372 B  Type: Image
General
Full URL
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/9.gif
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
HTTP/1.1
Server
199.79.62.108 Burlington, United States, ASN394695 (PUBLIC-DOMAIN-REGISTRY - PDR, US),
Reverse DNS
bh-23.webhostbox.net
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 18:38:39 GMT
Last-Modified
Fri, 06 Dec 2019 00:01:10 GMT
Server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 Phusion_Passenger/5.3.7
ETag
"55408ae-2a-598fdbe4a9194"
Upgrade
h2,h2c
Connection
Upgrade
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
42

Resource: MarketSans-Regular-WebS.woff2
Path: ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/
Size: 22 KB  x-fer: 22 KB  Type: Font
General
Full URL
https://ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-Regular-WebS.woff2
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.155 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D5F) /
Resource Hash
75dceb1952ced6dab35cf68d3b6bf2f3d2ee9dd7b799ef2b5efb39323d093cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/signin-Ek2-eBGv.css
Origin
http://shreevaartha.org

Response headers

date
Sat, 14 Dec 2019 18:38:39 GMT
via
1.1 rnoincludecache-970418 (squid)
x-content-type-options
nosniff
x-cache-lookup
HIT from rnoincludecache-970418:80
x-cache
HIT
status
200
content-length
22128
x-xss-protection
1; mode=block
last-modified
Sat, 22 Jun 2019 09:16:15 GMT
server
ECAcc (lha/8D5F)
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
rlogid
t6q%60uebwh%3D9un%7Fq%60uebwh*110%3F7%3D%3F%29pqtfwpu%29sm%7E%29fgg%7E-fij-16b7c888a53-0xc1
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 13 Dec 2020 18:38:39 GMT

Resource: MarketSans-SemiBold-WebS.woff2
Path: ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/
Size: 22 KB  x-fer: 22 KB  Type: Font
General
Full URL
https://ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/MarketSans-SemiBold-WebS.woff2
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.155 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D8E) /
Resource Hash
d1de97533f8c973f9eb1162098eee749715f058edb650efd69e9d6ac62b056b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/signin-Ek2-eBGv.css
Origin
http://shreevaartha.org

Response headers

date
Sat, 14 Dec 2019 18:38:39 GMT
via
1.1 lvsincludecache-2522849 (squid)
x-content-type-options
nosniff
x-cache-lookup
HIT from lvsincludecache-2522849:80
x-cache
HIT
status
200
content-length
22440
x-xss-protection
1; mode=block
last-modified
Fri, 31 May 2019 20:47:15 GMT
server
ECAcc (lha/8D8E)
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
rlogid
t6q%60uebwh%3D9iptq%60uebwh*05%3E5%3B64%29pqtfwpu%29osu%29fgg%7E-fij-16b0fa57f9f-0xb2
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 13 Dec 2020 18:38:39 GMT

Resource: sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png
Path: ir.ebaystatic.com/rs/c/
Size: 1 KB  x-fer: 2 KB  Type: Image
General
Full URL
https://ir.ebaystatic.com/rs/c/sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.155 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8DB1) /
Resource Hash
53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/signin-Ek2-eBGv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 18:38:39 GMT
via
1.1 rnoincludecache-970418 (squid)
x-cache-lookup
HIT from rnoincludecache-970418:80
x-cache
HIT
status
200
x-ebay-c-version
1.0.0
content-length
1201
last-modified
Tue, 24 Jul 2018 23:37:11 GMT
server
ECAcc (lha/8DB1)
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
rlogid
t6q%60utuf%3C%3Dsm%7Eufvuq%60%284003%3E35-16a3605055c-0xc6
x-ebay-request-id
16a36050-55c0-ab4c-8e93-c150fee52b3d
accept-ranges
bytes
access-control-allow-headers
*
warning
113 rnoincludecache-970418 (squid) This cache hit is still fresh and more than 1 day old
expires
Sun, 13 Dec 2020 18:38:39 GMT

Resource: sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png
Path: ir.ebaystatic.com/rs/c/
Size: 7 KB  x-fer: 7 KB  Type: Image
General
Full URL
https://ir.ebaystatic.com/rs/c/sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.155 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8DFB) /
Resource Hash
56fbf97dc6629d06d83590f3c759381dacd1f6dfcd0f8af956ca3ab15b10e699

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/signin-Ek2-eBGv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 18:38:39 GMT
via
1.1 slcincludecache-1959350 (squid)
x-cache-lookup
HIT from slcincludecache-1959350:80
x-cache
HIT
status
200
x-ebay-c-version
1.0.0
content-length
6886
last-modified
Tue, 18 Sep 2018 21:23:43 GMT
server
ECAcc (lha/8DFB)
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
rlogid
t6q%60utuf%3C%3Dsm%7Eufvuq%60%2841557%3E5-16a4086db1a-0xb2
x-ebay-request-id
16a4086d-b1a0-ab4c-9081-3f86fee1a7ec
accept-ranges
bytes
access-control-allow-headers
*
warning
113 slcincludecache-1959350 (squid) This cache hit is still fresh and more than 1 day old
expires
Sun, 13 Dec 2020 18:38:39 GMT

Resource: efb.js
Path: c.paypal.com/da/r/ (Frame C27F)
Size: 49 KB  x-fer: 17 KB  Type: Script
General
Full URL
https://c.paypal.com/da/r/efb.js
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0271d7ba6b311e53b275cd663c9c65f1e0f85e529c52de2008a613009c8639f8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Origin
http://shreevaartha.org

Response headers

Date
Sat, 14 Dec 2019 18:38:39 GMT
X-Pad
avoid browser bug
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Length
16718
Last-Modified
Tue, 24 Sep 2019 01:11:33 GMT
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Expires
Sun, 15 Dec 2019 18:38:39 GMT

Resource: truncated (data: URI)
Path: /
Size: 725 B  x-fer: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b3c84dc67fbaa659cd41ef4f90978cdc64ee8e7afa4410ee56b55652acd6263

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/34wtddjp0q1v1dtu2elv5jwg4yf.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml

Resource: f5uxsy10bmz05dtrtrqybl5qquv.png
Path: ir.ebaystatic.com/rs/v/
Size: 994 B  x-fer: 1 KB  Type: Image
General
Full URL
https://ir.ebaystatic.com/rs/v/f5uxsy10bmz05dtrtrqybl5qquv.png
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.155 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8C94) /
Resource Hash
7e0f4cd0590e2cf36c094d4226d70ccf2bc12107c46f3aeb8b3b5801396b44b0

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/views/signin-en_files/34wtddjp0q1v1dtu2elv5jwg4yf.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 14 Dec 2019 18:38:39 GMT
via
1.1 slcincludecache-1959349 (squid)
x-cache-lookup
HIT from slcincludecache-1959349:80
x-cache
HIT
status
200
x-ebay-c-version
1.0.0
content-length
994
last-modified
Fri, 12 Feb 2016 00:01:35 GMT
server
ECAcc (lha/8C94)
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
rlogid
t6q%60utuf%3C%3Dpieufvuq%60%28uk%60%2875%3A4361-1653e347339-0xc2
x-ebay-request-id
1653e347-3390-a9cb-3814-cca6ffb1225e
accept-ranges
bytes
access-control-allow-headers
*
warning
113 slcincludecache-1959349 (squid) This cache hit is still fresh and more than 1 day old
expires
Sun, 13 Dec 2020 18:38:39 GMT

Resource: i
Path: c.paypal.com/v1/r/d/ (Frame 69D9)
Size: 0  x-fer: 0  Type: Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/efb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/efb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
c.paypal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/

Response headers

CORRELATION-ID
201b2de9bd989
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Content-Length
161
Content-Security-Policy-Report-Only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
Content-Type
text/html;charset=UTF-8
Paypal-Debug-Id
201b2de9bd989
X-Content-Type-Options
nosniff
X-Xss-Protection
1; mode=block
Date
Sat, 14 Dec 2019 18:38:39 GMT
Connection
keep-alive

Resource: counter2.cgi
Path: dub.stats.paypal.com/ (Frame 4972)
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD05Y2RmNWNhODE2ZTBhOWUwZjY0MzliNjRmZmFiYmFlMiZpPTE3Mi45NC4xMDQuNTYmdD0xNTc0NjIyMjcxNjI1JmE9MjDzYhIfQwmneWYyrg_Q8fWfvrRTGw==
  • https://dub.stats.paypal.com/counter2.cgi
Size: 42 B  x-fer: 494 B  Type: Image
General
Full URL
https://dub.stats.paypal.com/counter2.cgi
Requested by
Host: shreevaartha.org
URL: http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.4.245.84 , United States, ASN17012 (PAYPAL - PayPal, Inc., US),
Reverse DNS
Software
/
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
http://shreevaartha.org/.smileys/js/dZjphX5RY0suQG8r3CGNaoH4oSdzvxJleflUCRxlIbNe01ymUzEDWO8Zza6v6N8sX9gWZhjStPlmk8i5o06QLMqS36P/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 14 Dec 2019 18:38:39 GMT
Cache-Control
private, must-revalidate, proxy-revalidate
Server
Connection
close
ETag
"e1dee0edf23f240712da"
Content-Length
42
Content-type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/counter2.cgi
Date
Sat, 14 Dec 2019 18:38:39 GMT
Server
Connection
close
Content-Length
289
Content-Type
text/html; charset=utf-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
object     onformdata
object     onpointerrawupdate
number     $ssgST
function   openFBLoginKeyPress
function   openFBLoginPopup
function   openGGLLoginKeyPress
function   openGGLLoginPopup
string     nVer
string     nAgt
string     browserName
string     fullVersion
number     majorVersion
undefined  nameOffset
number     verOffset
number     ix
string     OSName
undefined  dom
object     doc
object     where
object     iframe
function   handleParentCallBackForSocial
object     widget_platform
function   DFP
object     global
object     $_mod_ua_fe
object     $MUID
function   $W10NOOP
function   $initComponents
function   markoInitComponents
function   markoDynamicInitComponents
function   rInterval
function   initDFP
object     trkCorrelationSessionInfo
undefined  Uri
function   otpSubmit

0 Cookies