show.naturecircle.shop
Open in
urlscan Pro
2606:4700:3034::6815:4692
Malicious Activity!
Public Scan
Effective URL: https://show.naturecircle.shop/e/special-event/weekly-top-seller/tablet-ebook-reader-accs/176970
Submission: On March 17 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on February 24th 2024. Valid for: 3 months.
This is the only time show.naturecircle.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: eBay (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3035::ac43:88bd | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3034::6815:4692 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 2a04:4e42:600... 2a04:4e42:600::718 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700:303... 2606:4700:3036::6815:129 | () () | |
1 | 104.126.113.109 104.126.113.109 | () () | |
18 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
ebaystatic.com
ir.ebaystatic.com — Cisco Umbrella Rank: 8358 secureir.ebaystatic.com |
1022 KB |
2 |
naturecircle.shop
1 redirects
show.naturecircle.shop |
38 KB |
1 |
thenaturehub.shop
thenaturehub.shop |
|
0 |
ebay.com.au
Failed
www.ebay.com.au Failed rover.ebay.com.au Failed |
|
18 | 4 |
Domain | Requested by | |
---|---|---|
13 | ir.ebaystatic.com |
show.naturecircle.shop
ir.ebaystatic.com |
2 | show.naturecircle.shop | 1 redirects |
1 | secureir.ebaystatic.com |
show.naturecircle.shop
|
1 | thenaturehub.shop |
show.naturecircle.shop
|
0 | rover.ebay.com.au Failed |
show.naturecircle.shop
|
0 | www.ebay.com.au Failed |
ir.ebaystatic.com
|
18 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
naturecircle.shop E1 |
2024-02-24 - 2024-05-24 |
3 months | crt.sh |
i.ebayimg.com Sectigo RSA Organization Validation Secure Server CA |
2024-03-06 - 2025-03-06 |
a year | crt.sh |
thenaturehub.shop E1 |
2024-02-22 - 2024-05-22 |
3 months | crt.sh |
www.ebay.com Sectigo RSA Organization Validation Secure Server CA |
2023-08-02 - 2024-08-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://show.naturecircle.shop/e/special-event/weekly-top-seller/tablet-ebook-reader-accs/176970
Frame ID: 10C27E358655B56984587177A308E00D
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://show.naturecircle.shop/e/special-event/weekly-top-seller/tablet-ebook-reader-accs/176970
HTTP 301
https://show.naturecircle.shop/e/special-event/weekly-top-seller/tablet-ebook-reader-accs/176970 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://show.naturecircle.shop/e/special-event/weekly-top-seller/tablet-ebook-reader-accs/176970
HTTP 301
https://show.naturecircle.shop/e/special-event/weekly-top-seller/tablet-ebook-reader-accs/176970 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
176970
show.naturecircle.shop/e/special-event/weekly-top-seller/tablet-ebook-reader-accs/ Redirect Chain
|
172 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
browse-page-desktop-pr-i3SfX4WR.css
ir.ebaystatic.com/rs/c/ |
920 KB 138 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xufbqqyq2mzeffvz4rkfe1pfomu.css
ir.ebaystatic.com/rs/v/ |
71 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
asjffgf.js
thenaturehub.shop/xsourceigpd/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fxxj3ttftm5ltcqnto1o4baovyl.png
ir.ebaystatic.com/rs/v/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ebayPlus-Logo-58x15.svg
ir.ebaystatic.com/cr/v/c1/eBayPlus/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
browse-page-desktop-pr-ICoxid47.js
ir.ebaystatic.com/rs/c/ |
3 MB 725 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1redukp23m203ls4m3u3gbzv2am.js
ir.ebaystatic.com/rs/v/ |
142 KB 46 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.js
ir.ebaystatic.com/cr/v/c1/ebay-cookies/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10341xh50yz21mhhydueu4m5wad.js
ir.ebaystatic.com/cr/v/c01/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
050424x45ab470b86468939d672.js
ir.ebaystatic.com/cr/v/c01/ |
24 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
448 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
593 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MarketSans-Regular-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
725 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MarketSans-SemiBold-WebS.woff2
ir.ebaystatic.com/cr/v/c1/market-sans/v1.0/ |
22 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lexbrwfe-src-fe-components-s-base-legacy-skin-iconfont-vq-icon-font-SDqOZk86.woff
ir.ebaystatic.com/rs/c/ |
27 KB 27 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gh_show_ads.js
secureir.ebaystatic.com/cr/v/c1/ |
144 B 724 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ebayPlus-Logo-58x15.svg
ir.ebaystatic.com/cr/v/c1/eBayPlus/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
autocomplete
www.ebay.com.au/sch/ajax/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
9
rover.ebay.com.au/roverimp/0/0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.ebay.com.au
- URL
- https://www.ebay.com.au/sch/ajax/autocomplete
- Domain
- rover.ebay.com.au
- URL
- https://rover.ebay.com.au/roverimp/0/0/9?imp=2046301&trknvp=cp%3D2499337%26ghi%3D98&1710716260308
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: eBay (E-commerce)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| $ssgST0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000, max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ir.ebaystatic.com
rover.ebay.com.au
secureir.ebaystatic.com
show.naturecircle.shop
thenaturehub.shop
www.ebay.com.au
rover.ebay.com.au
www.ebay.com.au
104.126.113.109
2606:4700:3034::6815:4692
2606:4700:3035::ac43:88bd
2606:4700:3036::6815:129
2a04:4e42:600::718
16909d24b2258dec59476d1be94f26d2cc0c54f04d571172b602ee5b3af087ee
176ca396a7ba21cbf9893e8a2edb0a35d86d13ce5f3086241c09f53c29785466
1b3c84dc67fbaa659cd41ef4f90978cdc64ee8e7afa4410ee56b55652acd6263
368e472222dae2283fc3a5bef29754d7399490e826d1874db20fb08943e8307f
4a94f4329afbaced71c7ced387951cd0a58194ae87dd2249fec852bf3cf19038
4bf4c0ef8a5e153d99d0018c3742227e66a94f297fef26abbf8b7f07f57b6e44
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
62ab2181dcc244170792b5a9384e0a946f8e4194e50a2a7d15f29594f76abdb4
6a69d93906c3c4fbec067d340c352838ea72788415794ec748c6e9cc75717892
75dceb1952ced6dab35cf68d3b6bf2f3d2ee9dd7b799ef2b5efb39323d093cc4
8b421216256dcffe2966f7eef563dacc369f2019817f23e7a21050452e6a40f9
8cf267e459a6cc44675cb358d9cd7576fa7e9a932b4df5490c2327080e64bf9a
9e35b5a0bcec3d1284dc64b6935cf8b0497bc058f796b30c800a559d8654c915
a51bf4294fa61c02c7602ef31d9e5982219ca24bb3416cbb2a4def4e172921cb
c6c8a690e07f0aab250301b3784f10110d640f5a8bf5a938e126be68b8697e9d
d1de97533f8c973f9eb1162098eee749715f058edb650efd69e9d6ac62b056b6
d2f99d929a08c3527d998e5f48b66ea774fcefaba812ea52550e6c6e695a5b20
e5b18e590c4e990d938b61c9c032390d2a79cd08c28e414de07c656e7c62d9d2