ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
162.0.209.204  Malicious Activity! Public Scan

URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Submission Tags: 7186508
Submission: On June 19 via api from NL

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 15 HTTP transactions. The main IP is 162.0.209.204, located in United States and belongs to NAMECHEAP-NET, US. The main domain is ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz.
This is the only time ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 162.0.209.204 | 22612 (NAMECHEAP...)
6 | 93.184.221.225 | 15133 (EDGECAST)
1 | 145.239.131.51 | 16276 (OVH)
1 | 151.101.112.193 | 54113 (FASTLY)
1 | 2a00:1450:400... | 15169 (GOOGLE)
4 (1 redirects) | 2a0e:ac00:c7:... | 48447 (SECTIGO)
Total: 15 requests, 7 IPs

Requests | Domain | Requested by
6 | ir.ebaystatic.com | ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz, ir.ebaystatic.com
4 (1 redirects) | www.trustlogo.com | ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
2 | ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz | ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
1 | ajax.googleapis.com | ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
1 | i.imgur.com | ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
1 | image.ibb.co | ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
0 (Failed) | invoice-cars.com | ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
Total: 15 requests, 7 domains

This site contains links to these domains.

Domain
pages.ebay.com
ssl.comodo.com

Subject | Issuer | Validity | Valid
www.ebay.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-05 - 2022-03-10 | a year
ibb.co | R3 | 2021-06-07 - 2021-09-05 | 3 months
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years
upload.video.google.com | GTS CA 1O1 | 2021-05-24 - 2021-08-16 | 3 months
www.trustlogo.com | Sectigo RSA Extended Validation Secure Server CA | 2019-09-30 - 2021-09-29 | 2 years

This page contains 1 frames:

Primary Page: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Frame ID: 4CD8FE79E138E3B4131019518F1157D2
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

15 Requests
80 % HTTPS
33 % IPv6
7 Domains
7 Subdomains
7 IPs
4 Countries
339 kB Transfer
531 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://www.trustlogo.com/trustlogo/javascript/trustlogo.js HTTP 301
  • https://www.trustlogo.com/trustlogo/javascript/trustlogo.js
Request Chain 11
  • http://www.trustlogo.com/trustlogo/images/popup/seal_bg.gif HTTP 307
  • https://www.trustlogo.com/trustlogo/images/popup/seal_bg.gif
Request Chain 12
  • http://www.trustlogo.com/trustlogo/images/popup/warranty_level.gif HTTP 307
  • https://www.trustlogo.com/trustlogo/images/popup/warranty_level.gif

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
10 KB
4 KB
Document
General
Full URL
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
HTTP/1.1
Server
162.0.209.204 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business126-5.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
6c32ead957af51b38486fa4b6508d913b484f7e42721a5ca72488c960b5bab67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

date
Sat, 19 Jun 2021 15:47:04 GMT
server
Apache
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-encoding
gzip
content-length
3749
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
chgbckft2uzadpsgddjiftvzauf.css
ir.ebaystatic.com/rs/v/
42 KB
8 KB
Stylesheet
General
Full URL
https://ir.ebaystatic.com/rs/v/chgbckft2uzadpsgddjiftvzauf.css
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.225 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FFD) /
Resource Hash
c547dd5edffc8588067a0807e2676cdbb3494417fb32d9a6769f39a13899a61c

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:04 GMT
content-encoding
br
x-cache-lookup
HIT from include-cache-3:80
age
6026
x-cache
HIT
x-ebay-c-version
1.0.0
content-length
8476
access-control-allow-origin
*
last-modified
Thu, 23 Mar 2017 22:10:48 GMT
server
ECAcc (frc/8FFD)
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css;charset=UTF-8
via
1.1 include-cache-3 (squid)
cache-control
max-age=31536000
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%28akdu1*w%60ut3540-17a24984d2e-0xd1
access-control-allow-headers
*
expires
Sun, 19 Jun 2022 15:47:04 GMT
fdifkphcnazvfcr4vyuy1npyuuw.js
ir.ebaystatic.com/rs/v/
92 KB
33 KB
Script
General
Full URL
https://ir.ebaystatic.com/rs/v/fdifkphcnazvfcr4vyuy1npyuuw.js
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.225 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F50) /
Resource Hash
92c7c481861741bcba1a04732978763eda212c4c4ce1e51440f07ed89b7f18ea

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:04 GMT
content-encoding
br
x-cache-lookup
MISS from include-cache-3:80
age
25551316
x-cache
HIT
x-ebay-c-version
1.0.0
content-length
33931
access-control-allow-origin
*
last-modified
Mon, 08 Jun 2015 11:51:30 GMT
server
ECAcc (frc/8F50)
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
via
1.1 include-cache-3 (squid)
cache-control
max-age=31536000
rlogid
t6q%60utuf%3C%3Dpieufvuq%60%284%3F37364-17431fa1c3c-0xb7
x-ebay-request-id
16cda48c-9e90-abd8-2530-4e4effa9b01b
access-control-allow-headers
*
expires
Sun, 19 Jun 2022 15:47:04 GMT
rdicqa0edq2utoxdmldtkmkhmu4.js
ir.ebaystatic.com/rs/v/
49 KB
14 KB
Script
General
Full URL
https://ir.ebaystatic.com/rs/v/rdicqa0edq2utoxdmldtkmkhmu4.js
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.225 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F23) /
Resource Hash
ed2fc02ece752d236a6e44aa233597ccc7be54fa1aa77f66d8253ee0672d7c42

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:04 GMT
content-encoding
br
x-cache-lookup
HIT from include-cache-2:80
age
19317890
x-cache
HIT
x-ebay-c-version
1.0.0
content-length
14537
access-control-allow-origin
*
last-modified
Tue, 21 Mar 2017 22:39:37 GMT
server
ECAcc (frc/8F23)
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
via
1.1 include-cache-2 (squid)
cache-control
max-age=31536000
rlogid
t6q%60utuf%3C%3Dpieufvuq%60%28ntov1*w%60ut3522-175a584a32f-0xd5
access-control-allow-headers
*
expires
Sun, 19 Jun 2022 15:47:04 GMT
fbnerslxm24jjm4c2po1sr4laa2.js
ir.ebaystatic.com/rs/v/
277 B
326 B
Script
General
Full URL
https://ir.ebaystatic.com/rs/v/fbnerslxm24jjm4c2po1sr4laa2.js
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.225 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0B) /
Resource Hash
e9126f63e01f697b98fe69bbc0de6951481a24226353c78d759fd80c3310d462

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:04 GMT
content-encoding
br
x-cache-lookup
MISS from include-cache-4:80
age
6025
x-cache
HIT
x-ebay-c-version
1.0.0
content-length
120
access-control-allow-origin
*
last-modified
Mon, 26 Sep 2016 07:41:29 GMT
server
ECAcc (frc/8F0B)
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
via
1.1 include-cache-4 (squid)
cache-control
max-age=31536000
rlogid
t6q%60utuf%3C%3Dqkiufvuq%60%281u%60b0*w%60ut3542-17a24984e7b-0xc5
access-control-allow-headers
*
expires
Sun, 19 Jun 2022 15:47:04 GMT
gb32bqsvne0zvlsyjqgpa3lejql.css
ir.ebaystatic.com/rs/v/
9 KB
2 KB
Stylesheet
General
Full URL
https://ir.ebaystatic.com/rs/v/gb32bqsvne0zvlsyjqgpa3lejql.css
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.225 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F74) /
Resource Hash
4b0dea258f6fe68af46c80e371ed6bf3488c8abb5ca83290f0c3eeab8aa00027

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:04 GMT
content-encoding
br
x-cache-lookup
HIT from include-cache-0:80
age
1680043
x-cache
HIT
x-ebay-c-version
1.0.0
content-length
1613
access-control-allow-origin
*
last-modified
Fri, 09 Jun 2017 19:05:03 GMT
server
ECAcc (frc/8F74)
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css;charset=UTF-8
via
1.1 include-cache-0 (squid)
cache-control
max-age=31536000
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%28%7C%3Fq3%3E*w%60ut3540-179c0d0d728-0xc5
access-control-allow-headers
*
expires
Sun, 19 Jun 2022 15:47:04 GMT
5797c5a9bd0a.png
image.ibb.co/iOx5vH/
123 KB
124 KB
Image
General
Full URL
https://image.ibb.co/iOx5vH/5797c5a9bd0a.png
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
46f439460269bcd6671d3ea601f0bf1e24bd124e23135aca857509c190b03130

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:05 GMT
last-modified
Thu, 15 Mar 2018 12:17:47 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
126382
expires
Thu, 31 Dec 2037 23:55:55 GMT
reload.png
ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
92 KB
93 KB
Image
General
Full URL
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/reload.png
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
HTTP/1.1
Server
162.0.209.204 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business126-5.web-hosting.com
Software
Apache /
Resource Hash
95494ba36f199f18a7ec2e5d6c37467479ab92283ab5547ec658e7328a3f6b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Connection
keep-alive
Cache-Control
no-cache

Response headers

date
Sat, 19 Jun 2021 15:47:05 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 03 Feb 2019 18:07:30 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
94320
x-content-type-options
nosniff
J9MBIxo.png
i.imgur.com/
8 KB
9 KB
Image
General
Full URL
https://i.imgur.com/J9MBIxo.png
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
17dcbb1cb45f17e9cf1a5cf374c27add7dbbbc0d7bf925b5eca9c82e2ea011d2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:05 GMT
x-content-type-options
nosniff
age
697527
x-cache
HIT, HIT
content-length
8547
x-served-by
cache-bwi5162-BWI, cache-hhn4073-HHN
last-modified
Fri, 05 Apr 2019 22:25:11 GMT
server
cat factory 1.0
x-timer
S1624117625.107548,VS0,VE1
etag
"929f9ade996802e34431df331a1a24d5"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jun 2022 15:36:38 GMT
trustlogo.js
www.trustlogo.com/trustlogo/javascript/
Redirect Chain
  • http://www.trustlogo.com/trustlogo/javascript/trustlogo.js
  • https://www.trustlogo.com/trustlogo/javascript/trustlogo.js
14 KB
14 KB
Script
General
Full URL
https://www.trustlogo.com/trustlogo/javascript/trustlogo.js
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a0e:ac00:c7:d43b::5bc7:d43b , United Kingdom, ASN48447 (SECTIGO, GB),
Reverse DNS
Software
nginx /
Resource Hash
1ba30b444f0489b7da1ca80092c7879835ba96404751aabbdb2647de4261fa05
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:05 GMT
last-modified
Mon, 28 Oct 2019 17:12:11 GMT
server
nginx
etag
"5db7216b-3709"
strict-transport-security
max-age=15768000
content-type
application/javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
14089
expires
Sat, 19 Jun 2021 16:06:25 GMT

Redirect headers

Location
https://www.trustlogo.com/trustlogo/javascript/trustlogo.js
Date
Sat, 19 Jun 2021 15:47:04 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
X-CCACDN-Proxy-ID
mcdpinlb3
Content-Type
text/html
imgbg.jpg
ir.ebaystatic.com/pictures/aw/pics/cmp/ds3/
1 KB
2 KB
Image
General
Full URL
https://ir.ebaystatic.com/pictures/aw/pics/cmp/ds3/imgbg.jpg
Requested by
Host: ir.ebaystatic.com
URL: https://ir.ebaystatic.com/rs/v/chgbckft2uzadpsgddjiftvzauf.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.225 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F74) /
Resource Hash
b054c21c769e6e73a3f3f2e51ff27783043d87f8c4cb963c0554b33010fa3efc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ir.ebaystatic.com/rs/v/chgbckft2uzadpsgddjiftvzauf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:05 GMT
via
1.1 pics-cache-4 (squid)
x-cache-lookup
HIT from pics-cache-4:80
age
273018
x-cache
HIT
content-length
1392
x-xss-protection
1; mode=block
last-modified
Tue, 30 May 2017 20:58:47 GMT
server
ECAcc (frc/8F74)
etag
"570-550c411e57d01"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 19 Jun 2022 15:47:05 GMT
seal_bg.gif
www.trustlogo.com/trustlogo/images/popup/
Redirect Chain
  • http://www.trustlogo.com/trustlogo/images/popup/seal_bg.gif
  • https://www.trustlogo.com/trustlogo/images/popup/seal_bg.gif
5 KB
5 KB
Image
General
Full URL
https://www.trustlogo.com/trustlogo/images/popup/seal_bg.gif
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a0e:ac00:c7:d43b::5bc7:d43b , United Kingdom, ASN48447 (SECTIGO, GB),
Reverse DNS
Software
nginx /
Resource Hash
6a8d73fd166e03d8e1c024ac60d01d9110c4ac56b45f5bb402739e4095d4a95b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:05 GMT
last-modified
Tue, 30 Jul 2019 11:34:59 GMT
server
nginx
etag
"5d402b63-12f3"
strict-transport-security
max-age=15768000
content-type
image/gif
cache-control
max-age=1800
accept-ranges
bytes
content-length
4851
expires
Sat, 19 Jun 2021 15:51:13 GMT

Redirect headers

Location
https://www.trustlogo.com/trustlogo/images/popup/seal_bg.gif
Non-Authoritative-Reason
HSTS
warranty_level.gif
www.trustlogo.com/trustlogo/images/popup/
Redirect Chain
  • http://www.trustlogo.com/trustlogo/images/popup/warranty_level.gif
  • https://www.trustlogo.com/trustlogo/images/popup/warranty_level.gif
713 B
926 B
Image
General
Full URL
https://www.trustlogo.com/trustlogo/images/popup/warranty_level.gif
Requested by
Host: ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz
URL: http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a0e:ac00:c7:d43b::5bc7:d43b , United Kingdom, ASN48447 (SECTIGO, GB),
Reverse DNS
Software
nginx /
Resource Hash
e45902c0c28d8a669a37a61914c1eb760b093f7cc2d41693d52f82327329218d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://ebay.com-insurance-policy-buyer-saftey-protection-ebay-motors.aexcv.xyz/18358942865862%3fhash=item13548912563458736384d40a:g:fSwRGHECGHVERAWRKSwTRFdRVKz=1/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 15:47:05 GMT
last-modified
Tue, 30 Jul 2019 11:34:59 GMT
server
nginx
etag
"5d402b63-2c9"
strict-transport-security
max-age=15768000
content-type
image/gif
cache-control
max-age=1800
accept-ranges
bytes
content-length
713
expires
Sat, 19 Jun 2021 15:49:23 GMT

Redirect headers

Location
https://www.trustlogo.com/trustlogo/images/popup/warranty_level.gif
Non-Authoritative-Reason
HSTS
comodo_secure_seal_76x26_transp.png
invoice-cars.com/Image/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invoice-cars.com
URL
https://invoice-cars.com/Image/comodo_secure_seal_76x26_transp.png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block