cerkajim-001-site1.ftempurl.com Open in urlscan Pro
205.144.171.97 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cerkajim-001-site1.ftempurl.com/
Submission: On July 07 via automatic, source phishtank (July 7th 2018, 1:21:35 am UTC)

Summary HTTP 18 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 205.144.171.97, located in Studio City, United States and belongs to ALCHEMYNET - Alchemy Communications, Inc., US. The main domain is cerkajim-001-site1.ftempurl.com.

This is the only time cerkajim-001-site1.ftempurl.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1	205.144.171.97 205.144.171.97	7296 (ALCHEMYNET) (ALCHEMYNET - Alchemy Communications)
14	2.18.234.107 2.18.234.107	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	66.211.181.31 66.211.181.31	11643 (EBAY) (EBAY - eBay)
1	66.211.181.198 66.211.181.198	11643 (EBAY) (EBAY - eBay)
1	66.135.195.83 66.135.195.83	11643 (EBAY) (EBAY - eBay)
18	5

1 205.144.171.97 (Studio City, United States)

ASN7296 (ALCHEMYNET - Alchemy Communications, Inc., US)
PTR: 205-144-171-97.alchemy.net

cerkajim-001-site1.ftempurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.18.234.107 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-107.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepics.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.211.181.31 (Campbell, United States)

ASN11643 (EBAY - eBay, Inc, US)
PTR: srv.ebayrtm.com

srv.main.ebayrtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.211.181.198 (Campbell, United States)

ASN11643 (EBAY - eBay, Inc, US)

adjustdiscount.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.135.195.83 (Campbell, United States)

ASN11643 (EBAY - eBay, Inc, US)

rover.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ebaystatic.com secureir.ebaystatic.com securepics.ebaystatic.com	168 KB
2	ebay.com adjustdiscount.ebay.com rover.ebay.com	1 KB
1	ebayrtm.com srv.main.ebayrtm.com	448 B
1	ftempurl.com cerkajim-001-site1.ftempurl.com	6 KB
18	4

	Domain	Requested by
7	securepics.ebaystatic.com	cerkajim-001-site1.ftempurl.com
7	secureir.ebaystatic.com	cerkajim-001-site1.ftempurl.com
1	rover.ebay.com	secureir.ebaystatic.com
1	adjustdiscount.ebay.com	secureir.ebaystatic.com
1	srv.main.ebayrtm.com	cerkajim-001-site1.ftempurl.com
1	cerkajim-001-site1.ftempurl.com
18	6

This site contains links to these domains. Also see Links.

Domain
www.ebay.com
pages.ebay.com
scgi.ebay.com
www.ebayinc.com
stores.ebay.com
viv.ebay.com
garden.ebay.com
qu.ebay.com
www.verisign.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://cerkajim-001-site1.ftempurl.com/
Frame ID: FA43068DB33C766EF4ADFD68C82F5EC2
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^SWFObject$/i

Page Statistics

18
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

176 kB
Transfer

312 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ebay.com/

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/coverage/index.html

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/help/new/contextual/signin.html
Title: Get sign in help - opens in a new window or tab

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/help/new/contextual/account_protection.html
Title: Protect your account - opens in a new window or tab

Search URL Search Domain Scan URL

URL: https://scgi.ebay.com/ws/eBayISAPI.dll?UserIdRecognizerShow
Title: user ID

Search URL Search Domain Scan URL

URL: https://scgi.ebay.com/ws/eBayISAPI.dll?FYPShow
Title: password

Search URL Search Domain Scan URL

URL: http://www.ebayinc.com/
Title: About eBay

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/securitycenter/index.html
Title: Security Center

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/buy/tools.html
Title: Buyer Tools

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/help/policies/overview.html
Title: Policies

Search URL Search Domain Scan URL

URL: http://stores.ebay.com/
Title: Stores

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/sitemap.html
Title: Site Map

Search URL Search Domain Scan URL

URL: http://viv.ebay.com/ws/eBayISAPI.dll?EbayTime
Title: eBay official time

Search URL Search Domain Scan URL

URL: http://garden.ebay.com/
Title: Preview new features

Search URL Search Domain Scan URL

URL: http://qu.ebay.com/survey?srvName=globalheader+%28footer-US%29
Title: Tell us what you think

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/help/policies/user-agreement.html?rt=nc
Title: User Agreement

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/help/policies/privacy-policy.html?rt=nc
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.verisign.com/ssl-certificate

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
cerkajim-001-site1.ftempurl.com/ 17 KB
6 KB 758ms
596ms Document
text/html 205.144.171.97
Alchemy Communica...

General

Check archive.org

Show headers Download Go to

Full URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: HTTP/1.1
Server: 205.144.171.97 Studio City, United States, ASN7296 (ALCHEMYNET - Alchemy Communications, Inc., US),
Reverse DNS: 205-144-171-97.alchemy.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ed9ce016fd3bc6d7e44816ee32711e9baa04c882932038872d437424dcc771af

Request headers

Host: cerkajim-001-site1.ftempurl.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: FA43068DB33C766EF4ADFD68C82F5EC2

Response headers

Cache-Control: max-age=31536000
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Fri, 06 Jul 2018 17:00:54 GMT
Accept-Ranges: bytes
ETag: "0a787e64a15d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Sat, 07 Jul 2018 01:21:24 GMT
Content-Length: 5985

GET
S 200 ltitf55mnu0wva5qbjeinek0c.css
secureir.ebaystatic.com/v4css/z/al/ 11 KB
3 KB 46ms
6ms Stylesheet
text/css 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secureir.ebaystatic.com/v4css/z/al/ltitf55mnu0wva5qbjeinek0c.css
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: 16e185104a75bdac2e7af2c6371198714e0f3cc0f07bb086ead9fbe64b9e8554

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
content-encoding: gzip
last-modified: Fri, 06 Jul 2018 17:06:45 GMT
server: eBay Server
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-headers: *
content-length: 2782
expires: Sun, 07 Jul 2019 01:21:24 GMT

GET
S 200 kgelqxsfqa4adpovj2vfr1lvi.css
secureir.ebaystatic.com/v4css/z/a0/ 18 KB
5 KB 46ms
6ms Stylesheet
text/css 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secureir.ebaystatic.com/v4css/z/a0/kgelqxsfqa4adpovj2vfr1lvi.css
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: Apache-Coyote/1.1 /
Resource Hash: f9ec872baaf3d443fd3d0ba1c8aa4788ab6da3796c5417a5cb33943c172efc66

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
content-encoding: gzip
x-cache-lookup: MISS from lvsincludecache-2522848:80
last-modified: Fri, 06 Jul 2018 17:06:45 GMT
server: Apache-Coyote/1.1
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-headers: *
content-length: 4648
expires: Sun, 07 Jul 2019 01:21:24 GMT

GET
S 200 0101uponiy1vhjjvs5pvtkfgy.js Show response
secureir.ebaystatic.com/v4js/z/ir/ 98 KB
30 KB 46ms
7ms Script
application/x-javascript 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secureir.ebaystatic.com/v4js/z/ir/0101uponiy1vhjjvs5pvtkfgy.js
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: ea6c313b6dd77583ef64f47832b9d82e6acb2dabc146ea8b2fe9c3e6b0fdb7aa

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
content-encoding: gzip
last-modified: Fri, 06 Jul 2018 17:05:09 GMT
server: eBay Server
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-headers: *
content-length: 30538
expires: Sun, 07 Jul 2019 01:21:24 GMT

GET
S 200 341wgvdjgy2abb1qzf3cxflzf.js Show response
secureir.ebaystatic.com/v4js/z/eu/ 6 KB
2 KB 51ms
12ms Script
application/x-javascript 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secureir.ebaystatic.com/v4js/z/eu/341wgvdjgy2abb1qzf3cxflzf.js
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: Apache-Coyote/1.1 /
Resource Hash: 116f9313e1d61163990a6ac705181bbcf1ca01c93176f49fa502bf505dbac109

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
content-encoding: gzip
x-cache-lookup: HIT from lvsincludecache-2522849:80
last-modified: Fri, 06 Jul 2018 17:15:25 GMT
server: Apache-Coyote/1.1
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-headers: *
content-length: 2171
expires: Sun, 07 Jul 2019 01:21:24 GMT

GET
S 200 5rmp4vsze24wjkcfc1doiqoqh.js Show response
secureir.ebaystatic.com/v4js/z/ah/ 47 KB
13 KB 52ms
12ms Script
application/x-javascript 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secureir.ebaystatic.com/v4js/z/ah/5rmp4vsze24wjkcfc1doiqoqh.js
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: 85c57bc7134f47f9b9e4a6c843ccb81f353aa0842164625858ad7fac959310a3

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
content-encoding: gzip
last-modified: Fri, 06 Jul 2018 17:06:45 GMT
server: eBay Server
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-headers: *
content-length: 12546
expires: Sun, 07 Jul 2019 01:21:24 GMT

GET
S 200 logoEbay_x45.gif
securepics.ebaystatic.com/aw/pics/logos/ 2 KB
3 KB 15ms
8ms Image
image/gif 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepics.ebaystatic.com/aw/pics/logos/logoEbay_x45.gif
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: 60531d6ef692e14da848197b5a42c89be4c86d4a2274f0b183db7998e6b3e99b

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
last-modified: Tue, 30 May 2017 20:59:56 GMT
server: eBay Server
etag: "b6f60cf6-9f1-550c415f94e4c"
content-type: image/gif
status: 200
cache-control: max-age=1256409
accept-ranges: bytes
content-length: 2545
expires: Sat, 21 Jul 2018 14:21:33 GMT

GET
S 200 imgEBPHeaderD.png
securepics.ebaystatic.com/aw/pics/buy/trust/ 3 KB
3 KB 15ms
8ms Image
image/png 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepics.ebaystatic.com/aw/pics/buy/trust/imgEBPHeaderD.png
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: f92b37df4d84d44abc17f0889aa0b81479ecf8548f4bf9cf47a5938bb33b5579

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
last-modified: Tue, 30 May 2017 20:58:29 GMT
server: eBay Server
etag: "a40-550c410d4fcaa"
content-type: image/png
status: 200
cache-control: max-age=3858301
accept-ranges: bytes
content-length: 2624
expires: Mon, 20 Aug 2018 17:06:25 GMT

GET
S 200 imgEBPSignIn.jpg
securepics.ebaystatic.com/aw/pics/buy/trust/ 95 KB
95 KB 16ms
9ms Image
image/jpeg 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepics.ebaystatic.com/aw/pics/buy/trust/imgEBPSignIn.jpg

Requested by

Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/

Protocol

SPDY

Server

2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-234-107.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

42c2dcd53a51d90fdeb548415ec82e4dc686b5e958e9b65ee60392acff827382

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
x-cache-lookup: HIT from rnopicscache-16125:80
last-modified: Tue, 30 May 2017 20:58:29 GMT
server: Apache
etag: "17bfe-550c410d50c4c"
content-type: image/jpeg
status: 200
cache-control: max-age=3857930
accept-ranges: bytes
content-length: 97278
x-xss-protection: 1; mode=block
expires: Mon, 20 Aug 2018 17:00:14 GMT

GET
S 200 s.gif
securepics.ebaystatic.com/aw/pics/ 49 B
227 B 16ms
9ms Image
image/gif 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepics.ebaystatic.com/aw/pics/s.gif
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
last-modified: Tue, 30 May 2017 21:03:22 GMT
server: eBay Server
etag: "cfbb4d79-31-550c4224c68c3"
content-type: image/gif
status: 200
cache-control: max-age=3822356
accept-ranges: bytes
content-length: 49
expires: Mon, 20 Aug 2018 07:07:20 GMT

GET
H/1.1 200
OK rtm Show response
srv.main.ebayrtm.com/ 9 B
448 B 790ms
166ms Script
application/x-javascript 66.211.181.31
eBay

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.main.ebayrtm.com/rtm?RtmGetCapJs&p=18
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: HTTP/1.1
Server: 66.211.181.31 Campbell, United States, ASN11643 (EBAY - eBay, Inc, US),
Reverse DNS: srv.ebayrtm.com
Software: Apache-Coyote/1.1 /
Resource Hash: 9088173db5a37e3a5b4d9e25cdd7d10505217415bf10cb6ddc2ccce74728d5d7

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 07 Jul 2018 01:21:25 GMT
Server: Apache-Coyote/1.1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache
RlogId: p4pphdlwc%3D9un%7F37%2B662%3F677-16472544ed4-0xcc
Content-Type: application/x-javascript;charset=utf-8
Content-Length: 9
Expires: 0

GET
H/1.1 200
OK eBayISAPI.dll Show response
adjustdiscount.ebay.com/ws/ 9 B
676 B 495ms
184ms Script
text/html 66.211.181.198
eBay

General

Check archive.org

Show headers Download Go to

Full URL: http://adjustdiscount.ebay.com/ws/eBayISAPI.dll?AdjustDiscount&coupon=lnb-kqtoldse-0dshr%2C0%2F%2F%2Clhi%60jqdb
Requested by: Host: secureir.ebaystatic.com
URL: https://secureir.ebaystatic.com/v4js/z/ah/5rmp4vsze24wjkcfc1doiqoqh.js
Protocol: HTTP/1.1
Server: 66.211.181.198 Campbell, United States, ASN11643 (EBAY - eBay, Inc, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3230d5a466b3c13c64900f09ddebfb05f3a3235ac393fbe804c88651e45357c4

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sat, 07 Jul 2018 01:21:24 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
Cache-Control: private
Content-Length: 29
Content-Type: text/html;charset=UTF-8

GET
S 404 p2p4nfk5ce1krfshgvwbvk5sd.js
secureir.ebaystatic.com/v4js/z/ul/ 0
0 252ms
252ms Script
application/x-javascript 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secureir.ebaystatic.com/v4js/z/ul/p2p4nfk5ce1krfshgvwbvk5sd.js
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:24 GMT
server: eBay Server
status: 404
access-control-allow-methods: GET
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-headers: *
content-length: 0
expires: Sun, 07 Jul 2019 01:21:24 GMT

GET
S 200 btnClose_16x16.gif
securepics.ebaystatic.com/aw/pics/buttons/ 233 B
405 B 6ms
5ms Image
image/gif 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepics.ebaystatic.com/aw/pics/buttons/btnClose_16x16.gif
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: 1e2b404d0af6d246014d1d7242189fd2424830dde8cbc08eb1c338dee0ef0171

Request headers

Referer: https://secureir.ebaystatic.com/v4css/z/al/ltitf55mnu0wva5qbjeinek0c.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:25 GMT
last-modified: Tue, 30 May 2017 20:58:16 GMT
server: eBay Server
etag: "e9-550c4100a1085"
content-type: image/gif
status: 200
cache-control: max-age=1284834
accept-ranges: bytes
content-length: 233
expires: Sat, 21 Jul 2018 22:15:19 GMT

GET
S 200 sprButtons.png
securepics.ebaystatic.com/aw/pics/cmp/ds2/ 11 KB
11 KB 5ms
5ms Image
image/png 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepics.ebaystatic.com/aw/pics/cmp/ds2/sprButtons.png
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae

Request headers

Referer: https://secureir.ebaystatic.com/v4css/z/a0/kgelqxsfqa4adpovj2vfr1lvi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:25 GMT
last-modified: Tue, 30 May 2017 20:58:47 GMT
server: eBay Server
etag: "2a90-550c411e4e891"
content-type: image/png
status: 200
cache-control: max-age=648991
accept-ranges: bytes
content-length: 10896
expires: Sat, 14 Jul 2018 13:37:56 GMT

GET
S 200 sprBubbleHelp1.png
securepics.ebaystatic.com/aw/pics/cmp/ds2/ 3 KB
3 KB 5ms
5ms Image
image/png 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepics.ebaystatic.com/aw/pics/cmp/ds2/sprBubbleHelp1.png
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash: 7ccf44591ff1ffd720ddc82cb0463a4b01cc3b7c439af2065bc15b2b98dea303

Request headers

Referer: https://secureir.ebaystatic.com/v4css/z/a0/kgelqxsfqa4adpovj2vfr1lvi.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:25 GMT
last-modified: Tue, 30 May 2017 20:58:47 GMT
server: eBay Server
etag: "c1a-550c411e4e0c1"
content-type: image/png
status: 200
cache-control: max-age=700780
accept-ranges: bytes
content-length: 3098
expires: Sun, 15 Jul 2018 04:01:05 GMT

GET
S 404 p2p4nfk5ce1krfshgvwbvk5sd.js
secureir.ebaystatic.com/v4js/z/ul/ 0
0 6ms
5ms Script
application/x-javascript 2.18.234.107
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secureir.ebaystatic.com/v4js/z/ul/p2p4nfk5ce1krfshgvwbvk5sd.js
Requested by: Host: cerkajim-001-site1.ftempurl.com
URL: http://cerkajim-001-site1.ftempurl.com/
Protocol: SPDY
Server: 2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-107.deploy.static.akamaitechnologies.com
Software: eBay Server /
Resource Hash

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 07 Jul 2018 01:21:25 GMT
server: eBay Server
status: 404
access-control-allow-methods: GET
content-type: application/x-javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-headers: *
content-length: 0
expires: Sun, 07 Jul 2019 01:21:25 GMT

GET
H/1.1 200
OK 0 Show response
rover.ebay.com/idmap/ 76 B
525 B 622ms
167ms Script
text/json 66.135.195.83
eBay

General

Check archive.org

Show headers Download Go to

Full URL: https://rover.ebay.com/idmap/0?footer&cb=vjo.dsf.assembly.VjClientAssembler._callback0&_vrdm=1530926485306
Requested by: Host: secureir.ebaystatic.com
URL: https://secureir.ebaystatic.com/v4js/z/ir/0101uponiy1vhjjvs5pvtkfgy.js
Protocol: HTTP/1.1
Server: 66.135.195.83 Campbell, United States, ASN11643 (EBAY - eBay, Inc, US),
Reverse DNS
Software: ebay server /
Resource Hash: 5b131e235e05dc1385abf0ded59d568f73b09685b266c2e9c12cae5e48885cbc

Request headers

Referer: http://cerkajim-001-site1.ftempurl.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 Jul 2018 01:21:25 GMT
Server: ebay server
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa PSDo PSAa OUR SAMo IND UNI COM NAV INT STA DEM PRE"
X-EBAY-C-REQUEST-ID: ri=Zka1mVusuwmV,rci=2SO9Izm1u9ySa83p
Cache-Control: private, no-cache
RlogId: t6qjpbq%3F%3Ctofthu%60t*2%3C25043%29pqtfwpu%29pie%29fgg%7E-fij-16472545161-0x110
Content-Type: text/json;charset=ISO-8859-1
Content-Length: 76

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adjustdiscount.ebay.com
cerkajim-001-site1.ftempurl.com
rover.ebay.com
secureir.ebaystatic.com
securepics.ebaystatic.com
srv.main.ebayrtm.com
2.18.234.107
205.144.171.97
66.135.195.83
66.211.181.198
66.211.181.31
116f9313e1d61163990a6ac705181bbcf1ca01c93176f49fa502bf505dbac109
16e185104a75bdac2e7af2c6371198714e0f3cc0f07bb086ead9fbe64b9e8554
1e2b404d0af6d246014d1d7242189fd2424830dde8cbc08eb1c338dee0ef0171
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3230d5a466b3c13c64900f09ddebfb05f3a3235ac393fbe804c88651e45357c4
42c2dcd53a51d90fdeb548415ec82e4dc686b5e958e9b65ee60392acff827382
5b131e235e05dc1385abf0ded59d568f73b09685b266c2e9c12cae5e48885cbc
60531d6ef692e14da848197b5a42c89be4c86d4a2274f0b183db7998e6b3e99b
7ccf44591ff1ffd720ddc82cb0463a4b01cc3b7c439af2065bc15b2b98dea303
85c57bc7134f47f9b9e4a6c843ccb81f353aa0842164625858ad7fac959310a3
9088173db5a37e3a5b4d9e25cdd7d10505217415bf10cb6ddc2ccce74728d5d7
ea6c313b6dd77583ef64f47832b9d82e6acb2dabc146ea8b2fe9c3e6b0fdb7aa
eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae
ed9ce016fd3bc6d7e44816ee32711e9baa04c882932038872d437424dcc771af
f92b37df4d84d44abc17f0889aa0b81479ecf8548f4bf9cf47a5938bb33b5579
f9ec872baaf3d443fd3d0ba1c8aa4788ab6da3796c5417a5cb33943c172efc66

cerkajim-001-site1.ftempurl.com Open in urlscan Pro 205.144.171.97 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

0 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

5 IPs

2 Countries

176 kBTransfer

312 kBSize

0 Cookies

18 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

0 Cookies

Indicators

cerkajim-001-site1.ftempurl.com Open in urlscan Pro
205.144.171.97 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

176 kB
Transfer

312 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!