clantonenterprise.com
Open in
urlscan Pro
72.167.68.75
Malicious Activity!
Public Scan
Submission: On September 12 via api from US — Scanned from US
Summary
This is the only time clantonenterprise.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: eBay (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 72.167.68.75 72.167.68.75 | 398101 (GO-DADDY-...) (GO-DADDY-COM-LLC) | |
11 | 23.60.5.20 23.60.5.20 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
3 4 | 23.60.5.112 23.60.5.112 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 209.140.129.69 209.140.129.69 | 11643 (EBAY) (EBAY) | |
16 | 5 |
ASN398101 (GO-DADDY-COM-LLC, US)
PTR: 75.68.167.72.host.secureserver.net
clantonenterprise.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-60-5-20.deploy.static.akamaitechnologies.com
secureir.ebaystatic.com | |
securepics.ebaystatic.com | |
www.ebay.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-60-5-112.deploy.static.akamaitechnologies.com
gh.ebaystatic.com | |
pages.ebay.com |
ASN11643 (EBAY, US)
PTR: madronaext-public-slcaz01-1-1.ebay.com
srv.main.ebayrtm.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
ebaystatic.com
1 redirects
secureir.ebaystatic.com — Cisco Umbrella Rank: 7601 gh.ebaystatic.com securepics.ebaystatic.com — Cisco Umbrella Rank: 33408 |
116 KB |
3 |
ebay.com
2 redirects
pages.ebay.com — Cisco Umbrella Rank: 13891 www.ebay.com — Cisco Umbrella Rank: 7465 b.stats.ebay.com Failed k4i7hgexxlhwt1as.stats.ebay.com Failed |
451 B |
1 |
ebayrtm.com
srv.main.ebayrtm.com — Cisco Umbrella Rank: 12687 |
415 B |
1 |
clantonenterprise.com
clantonenterprise.com |
6 KB |
16 | 4 |
Domain | Requested by | |
---|---|---|
6 | securepics.ebaystatic.com |
clantonenterprise.com
secureir.ebaystatic.com |
4 | secureir.ebaystatic.com |
clantonenterprise.com
|
2 | pages.ebay.com | 2 redirects |
2 | gh.ebaystatic.com |
1 redirects
clantonenterprise.com
|
1 | srv.main.ebayrtm.com |
clantonenterprise.com
|
1 | www.ebay.com |
clantonenterprise.com
|
1 | clantonenterprise.com | |
0 | k4i7hgexxlhwt1as.stats.ebay.com Failed |
clantonenterprise.com
|
0 | b.stats.ebay.com Failed |
clantonenterprise.com
|
16 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.ebay.com Sectigo RSA Organization Validation Secure Server CA |
2023-08-02 - 2024-08-01 |
a year | crt.sh |
adcmd.befr.ebay.be Sectigo RSA Organization Validation Secure Server CA |
2023-07-31 - 2024-07-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://clantonenterprise.com/eBayISAPI/eBayISAPI.php
Frame ID: A7F2699CD6068F240303B75D0065696C
Requests: 16 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://gh.ebaystatic.com/header/js/light.min?combo=31&rvr=59 HTTP 302
- http://pages.ebay.com/messages/page_not_found.html HTTP 301
- https://pages.ebay.com/messages/page_not_found.html HTTP 301
- https://www.ebay.com/n/error
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
eBayISAPI.php
clantonenterprise.com/eBayISAPI/ |
17 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yj42dvrod253tpxfgkawgc4it.css
secureir.ebaystatic.com/v4css/z/qe/ |
18 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1qqc345kge1utev0egp1or2oh.js
secureir.ebaystatic.com/v4js/z/m4/ |
102 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
341wgvdjgy2abb1qzf3cxflzf.js
secureir.ebaystatic.com/v4js/z/eu/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min
gh.ebaystatic.com/header/css/ |
0 0 |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.gif
securepics.ebaystatic.com/aw/pics/ |
49 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
error
www.ebay.com/n/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
eBayISAPI.dll
b.stats.ebay.com/ws/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
eBayISAPI.dll
k4i7hgexxlhwt1as.stats.ebay.com/ws/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
imgEBPSignIn455x315.jpg
securepics.ebaystatic.com/aw/pics/buy/trust/ |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoVeriSign_100x65.gif
securepics.ebaystatic.com/aw/pics/logos/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rtm
srv.main.ebayrtm.com/ |
44 B 415 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wduh1yzk1i2nbd1invggpgadl.js
secureir.ebaystatic.com/v4js/z/2r/ |
66 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s.gif
securepics.ebaystatic.com/aw/pics/ |
49 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprBubbleHelp1.png
securepics.ebaystatic.com/aw/pics/cmp/ds2/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprButtons.png
securepics.ebaystatic.com/aw/pics/cmp/ds2/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- b.stats.ebay.com
- URL
- https://b.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=1
- Domain
- k4i7hgexxlhwt1as.stats.ebay.com
- URL
- https://k4i7hgexxlhwt1as.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=h3AjkMj_RQz5QoiU06nExLFa6C0i-tNf6hnXqJ_YuiItZwbW1IEfZUhoSOFb2iAPinOZauZhH9yyBgO0ybaQxhhtVye9efXYHYvwyjnaisBB7QTTI6E6X3-xIBbSSEq3BDyMvxqY2JPO1ekI&seq=2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: eBay (E-commerce)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
b.stats.ebay.com
clantonenterprise.com
gh.ebaystatic.com
k4i7hgexxlhwt1as.stats.ebay.com
pages.ebay.com
secureir.ebaystatic.com
securepics.ebaystatic.com
srv.main.ebayrtm.com
www.ebay.com
b.stats.ebay.com
k4i7hgexxlhwt1as.stats.ebay.com
209.140.129.69
23.60.5.112
23.60.5.20
72.167.68.75
116f9313e1d61163990a6ac705181bbcf1ca01c93176f49fa502bf505dbac109
1d17cc06314dcbe245ec6ef9adbbce2952775f591999c8a9c1300d6e16c9d887
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
45b8a6ae408ed4cf28f21c53db7144daec07b5ced46e3a268dacf6387478d9b7
6e755cdc13f2487c5adeecd27a361e45d4c621b409c155a5af43e0bd2d4ab038
7ccf44591ff1ffd720ddc82cb0463a4b01cc3b7c439af2065bc15b2b98dea303
80e06f41aef51aba092b9dd89d0441450c13b3d6e711272b493c0cbd1db9f42f
8407e73b7c371e038730227361124286d879520d5e6c5e301ce8c1545db58742
ae3197c8ecdba81e983eac1a437d7253c2a0e501eb47a4042c8b096e456da821
e7d67c0b355ffe222d05cb0c6dd1c1143adaf9be23031c73682a0cb8b9f29d69
eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae