www.webskiadmin.com.au Open in urlscan Pro
221.121.151.163 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Submission: On May 09 via automatic, source openphish (May 9th 2017, 6:40:10 pm UTC)

Summary HTTP 13 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 221.121.151.163, located in Bundaberg, Australia and belongs to AS45671-NET-AU Wholesale Services Provider, AU. The main domain is www.webskiadmin.com.au.

This is the only time www.webskiadmin.com.au was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
10	221.121.151.163 221.121.151.163	45671 (AS45671-N...) (AS45671-NET-AU Wholesale Services Provider)
1	66.211.181.198 66.211.181.198	11643 (EBAY) (EBAY - eBay)
1	95.101.245.130 95.101.245.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	66.211.184.152 66.211.184.152	11643 (EBAY) (EBAY - eBay)
13	5

10 221.121.151.163 (Bundaberg, Australia)

ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU)
PTR: sau-67f97-or.servercontrol.com.au

www.webskiadmin.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.211.181.198 (Campbell, United States)

ASN11643 (EBAY - eBay, Inc, US)

adjustdiscount.ebay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.245.130 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-245-130.deploy.akamaitechnologies.com

rover.ebay.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.211.184.152 (Campbell, United States)

ASN11643 (EBAY - eBay, Inc, US)
PTR: gha.ebay.com

gha.ebay.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	webskiadmin.com.au www.webskiadmin.com.au	406 KB
2	ebay.com.au rover.ebay.com.au gha.ebay.com.au	76 B
1	ebay.com adjustdiscount.ebay.com	29 B
13	3

	Domain	Requested by
10	www.webskiadmin.com.au	www.webskiadmin.com.au
1	gha.ebay.com.au	www.webskiadmin.com.au
1	rover.ebay.com.au	www.webskiadmin.com.au
1	adjustdiscount.ebay.com	www.webskiadmin.com.au
13	4

This site contains links to these domains. Also see Links.

Domain
www.ebay.com.au
cars.ebay.com.au
signin.ebay.com.au
reg.ebay.com.au

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Frame ID: 28612.1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

13
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

406 kB
Transfer

452 kB
Size

0
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ebay.com.au/rpp/collectables
Title: Collectables

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/antiques
Title: Antiques

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/art
Title: Art

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/crafts
Title: Crafts

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/coins
Title: Coins

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/electronics
Title: Electronics

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/cameras
Title: Cameras & Photography

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/computers-tablets-networking
Title: Computers & Tablets

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/phones-accessories
Title: Mobile Phones & Accessories

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/home-entertainment
Title: TV & Home Entertainment

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/video-games-consoles
Title: Video Games & Consoles

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/books-magazines
Title: Books & Magazines

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/movies
Title: DVDs & Movies

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/music
Title: Music

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/fashion-home
Title: Fashion

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/womens-clothing
Title: Women's Clothing

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/mens-clothing
Title: Men's Clothing

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/shoes
Title: Shoes

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/jewellery-watches
Title: Jewellery & Watches

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/home-garden
Title: Home & Garden

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/building-materials-diy
Title: Building Materials, DIY

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/furniture
Title: Furniture

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/gardening
Title: Gardening

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/home-decor
Title: Home Décor

Search URL Search Domain Scan URL

URL: http://cars.ebay.com.au/
Title: Motors

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/Motorcycles-/32073/i.html
Title: Motorcycles

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/Boats-/26429/i.html
Title: Boats

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/vehicle-parts-accessories
Title: Car, Truck Parts

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/sporting-goods
Title: Sporting Goods

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/cycling
Title: Cycling

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/Fishing-/1492/i.html
Title: Fishing

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/fitness-running-yoga
Title: Fitness, Running & Yoga

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/Golf-/1513/i.html
Title: Golf

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/toys-hobbies
Title: Toys & Hobbies

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/Radio-Control-/2562/i.html
Title: Radio Control

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/Model-Trains-/180250/i.html
Title: Model Trains

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/Outdoor-Toys-/11743/i.html
Title: Outdoor Toys

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/Action-Figures-/246/i.html
Title: Action Figures

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/sch/allcategories/all-categories
Title: Other Categories

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/baby
Title: Baby

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/pet-supplies
Title: Pet Supplies

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/health-beauty
Title: Health & Beauty

Search URL Search Domain Scan URL

URL: http://www.ebay.com.au/rpp/musical-instruments
Title: Musical Instruments

Search URL Search Domain Scan URL

URL: https://signin.ebay.com.au/ws/eBayISAPI.dll?SignIn&ru=http%3A%2F%2Fwww.webskiadmin.com.au%2Fweb%2Fminip.php%2Fhttps%3A%2Fsignin.ebay.com.au%2Fws%2FeBayISAPI.dll%2F
Title: Sign in

Search URL Search Domain Scan URL

URL: https://reg.ebay.com.au/reg/PartialReg?ru=http%3A%2F%2Fwww.webskiadmin.com.au%2Fweb%2Fminip.php%2Fhttps%3A%2Fsignin.ebay.com.au%2Fws%2FeBayISAPI.dll%2F
Title: register

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/ 16 KB
5 KB 1876ms
1241ms Document
text/html 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: 9888abd2982f82df8fe46161099a88e422a60b9e23e1bf26b95793215d580a26

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 275
Date: Tue, 09 May 2017 18:39:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 May 2017 18:23:42 GMT
Server: Apache
X-EdgeConnect-MidMile-RTT: 14
ETag: dc7bbc519d49ac4a4e36b7386936b096
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Connection: keep-alive, Keep-Alive
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100
Content-Length: 4937

GET
H/1.1 200
OK project.css
www.webskiadmin.com.au/web/minip.php/https://ir.ebaystatic.com/rs/c/au/page-not-found/css/ 2 KB
744 B 435ms
433ms Stylesheet
text/css 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.webskiadmin.com.au/web/minip.php/https://ir.ebaystatic.com/rs/c/au/page-not-found/css/project.css
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: 55d1c3efc02a35a0c4f668d639bbb4c8ebacdb40ead0fb048e0a11c20fff4aa7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 18:39:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2017 11:09:44 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
RlogId: t6q%60utuf%3C%3Dosu4a57d.%3C142-15aa2ee1f99-0x1ca3
X-EBAY-REQUEST-ID: 15aa2ee1-f990-a1c4-3664-bf18fd7c7df2![]
Connection: keep-alive, Keep-Alive
X-EBAY-C-VERSION: 1.0.0
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=99
Content-Length: 744
Expires: Wed, 09 May 2018 18:39:57 GMT

GET
H/1.1 200
OK aaa5p3nkya2onh2wvw0vhpasj.js Show response
www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/v4js/z/yy/ 102 KB
102 KB 406ms
405ms Script
application/x-javascript 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/v4js/z/yy/aaa5p3nkya2onh2wvw0vhpasj.js
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: 8e27b0403bf1062e5c8df7f76bb053bac530db88e86a3f5b99930b4dc78c69d1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 18:39:56 GMT
Last-Modified: Sun, 05 Jun 2016 15:56:05 GMT
Server: Apache
ETag: aaa5p3nkya2onh2wvw0vhpasjyy
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive, Keep-Alive
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100
Content-Length: 104294
Expires: Wed, 09 May 2018 18:39:57 GMT

GET
H/1.1 200
OK ebaybase_v4_e10051au.js Show response
www.webskiadmin.com.au/web/minip.php/http://include.ebaystatic.com/js/e1005/au/ 52 KB
52 KB 1214ms
904ms Script
application/javascript 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.webskiadmin.com.au/web/minip.php/http://include.ebaystatic.com/js/e1005/au/ebaybase_v4_e10051au.js
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: 254af9cb683294953419f202cc25087d14331bd4088ed52a089a768da7566979

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 18:39:56 GMT
Last-Modified: Thu, 02 Mar 2017 02:31:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=25962977
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100
Content-Length: 53747
Expires: Tue, 06 Mar 2018 06:36:15 GMT

GET
H/1.1 200
OK ebaysup_e10051au.js Show response
www.webskiadmin.com.au/web/minip.php/http://include.ebaystatic.com/js/e1005/au/ 17 KB
17 KB 745ms
434ms Script
application/javascript 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.webskiadmin.com.au/web/minip.php/http://include.ebaystatic.com/js/e1005/au/ebaysup_e10051au.js
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: 4175abd072f1901d519d5997d9fb07e17e8c91c3be52a057604410291491adfb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 18:39:56 GMT
Last-Modified: Thu, 02 Mar 2017 02:31:11 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=25963051
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100
Content-Length: 17409
Expires: Tue, 06 Mar 2018 06:37:28 GMT

GET
H/1.1 200
OK 3rbu3pf2ca5gfmtz3y3gt1d2huk.css
www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/rs/v/ 43 KB
10 KB 707ms
400ms Stylesheet
text/css 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/rs/v/3rbu3pf2ca5gfmtz3y3gt1d2huk.css?proc=DU:N
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: cdfd810f2571cfe20fd4477f4fc27abc7ba2ff52abbda15cee44902c8d8773a5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 18:39:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Jan 2017 00:03:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
RlogId: t6q%60utuf%3C%3Dpieufvuq%60%2807%3A%3C%3F-159f1f7d55b-0x92
X-EBAY-REQUEST-ID: 159f1f7d-55b0-abc1-3096-76ffff516834![]
Connection: keep-alive, Keep-Alive
X-EBAY-C-VERSION: 1.0.0
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100
Content-Length: 10254
Expires: Wed, 09 May 2018 18:39:57 GMT

GET
H/1.1 200
OK fxxj3ttftm5ltcqnto1o4baovyl.png
www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/rs/v/ 5 KB
5 KB 408ms
408ms Image
image/png 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/rs/v/fxxj3ttftm5ltcqnto1o4baovyl.png
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: 5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 18:39:57 GMT
Last-Modified: Wed, 29 Oct 2014 18:09:24 GMT
Server: Apache
Content-Type: image/png
Cache-Control: public, max-age=31536000, immutable
RlogId: t6q%60utuf%3C%3Dpie3a57d.%3Dge%3B-152774f95cb-0xa1
X-EBAY-REQUEST-ID: 152774f9-5cc0-a5e5-e490-8b5ffe58c56d!resources.unknown!r1ressvc[]
Connection: keep-alive, Keep-Alive
X-EBAY-C-VERSION: 1.0.0
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=98
Content-Length: 4820
Expires: Wed, 09 May 2018 18:39:58 GMT

GET
H/1.1 200
OK woox5s1isqzjdikwkz1ocwnnuez.js Show response
www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/rs/v/ 214 KB
214 KB 463ms
462ms Script
application/x-javascript 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/rs/v/woox5s1isqzjdikwkz1ocwnnuez.js
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: c1e047be540547a995c6db0366ed370bd2787ff31e32285cd52c153e1fca8854

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 18:39:57 GMT
Last-Modified: Wed, 05 Apr 2017 20:01:31 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=UTF-8
Cache-Control: public, max-age=31536000, immutable
RlogId: t6q%60utuf%3C%3Dosu4a57d.4307-15b3fca4c2c-0xb0
X-EBAY-REQUEST-ID: 15b3fca4-c2c0-a1c9-4612-768bfeee930c![]
Connection: keep-alive, Keep-Alive
X-EBAY-C-VERSION: 1.0.0
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=99
Content-Length: 219176
Expires: Wed, 09 May 2018 18:39:58 GMT

GET
H/1.1 200
OK 9
www.webskiadmin.com.au/web/minip.php/http://rover.ebay.com.au/roverimp/0/0/ 42 B
42 B 959ms
646ms Image
image/gif 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.webskiadmin.com.au/web/minip.php/http://rover.ebay.com.au/roverimp/0/0/9?imp=1018649
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2017 18:39:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa PSDo PSAa OUR SAMo IND UNI COM NAV INT STA DEM PRE"
Server: Apache
X-EdgeConnect-MidMile-RTT: 169
X-EdgeConnect-Cache-Status: 0
Content-Type: image/gif
X-EdgeConnect-Origin-MEX-Latency: 43
X-EBAY-C-REQUEST-ID: ri=PtspxUbZMnCp,rci=mdhe7VS32PO1RHO1
Cache-Control: private, no-cache
RlogId: t6qjpbq%3F%3Cwk%7Dthu%60t*503%3E04-15bee82c2f6-0x116
Connection: keep-alive, Keep-Alive
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=5, max=100
Content-Length: 42

GET
H/1.1 200
OK Cookie set eBayISAPI.dll Show response
adjustdiscount.ebay.com/ws/ 9 B
29 B 379ms
192ms Script
text/html 66.211.181.198
eBay

General

Check archive.org

Show headers Download Go to

Full URL: http://adjustdiscount.ebay.com/ws/eBayISAPI.dll?AdjustDiscount&coupon=t%60-lnb-mhlc%60hjradv-vvv
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/http://include.ebaystatic.com/js/e1005/au/ebaybase_v4_e10051au.js
Protocol: HTTP/1.1
Server: 66.211.181.198 Campbell, United States, ASN11643 (EBAY - eBay, Inc, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3230d5a466b3c13c64900f09ddebfb05f3a3235ac393fbe804c88651e45357c4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: adjustdiscount.ebay.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept: */*
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 09 May 2017 18:39:59 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Cache-Control: private
Set-Cookie: ebay=%5Esbf%3D%23%5E; Domain=.ebay.com; Path=/ dp1=bu1p/QEBfX0BAX19AQA**5af3407f^; Domain=.ebay.com; Expires=Thu, 09-May-2019 18:39:59 GMT; Path=/ s=CgAD4ACBZE15/ZWU4MmM2YzgxNWIwYTYyMGYyODM0YzkzZmZmZGEyZjcd4Ycr; Domain=.ebay.com; Path=/ nonsession=CgADKACBieA5/ZWU4MmM2YzgxNWIwYTYyMGYyODM0YzkzZmZmZGEyZjcAywABWRIUBzFztnoD; Domain=.ebay.com; Expires=Wed, 09-May-2018 18:39:59 GMT; Path=/
Content-Length: 29

GET
DATA 200
OK truncated
/ 725 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b3c84dc67fbaa659cd41ef4f90978cdc64ee8e7afa4410ee56b55652acd6263

Request headers

Response headers

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1677deaebd6c62165635bf9a52383104da16e1dcbecc373a683db4715cc4bd7

Request headers

Response headers

GET
H/1.1 200
OK 0 Show response
rover.ebay.com.au/idmap/ 76 B
76 B 185ms
167ms Script
text/json 95.101.245.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://rover.ebay.com.au/idmap/0?footer&cb=vjo.dsf.assembly.VjClientAssembler._callback0&_vrdm=1494355200102
Requested by: Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/v4js/z/yy/aaa5p3nkya2onh2wvw0vhpasj.js
Protocol: HTTP/1.1
Server: 95.101.245.130 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-101-245-130.deploy.akamaitechnologies.com
Software: ebay server /
Resource Hash: 5b131e235e05dc1385abf0ded59d568f73b09685b266c2e9c12cae5e48885cbc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: rover.ebay.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2017 18:40:00 GMT
Server: ebay server
X-EdgeConnect-MidMile-RTT: 89
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa PSDo PSAa OUR SAMo IND UNI COM NAV INT STA DEM PRE"
X-EdgeConnect-Origin-MEX-Latency: 66
X-EBAY-C-REQUEST-ID: ri=l%2BHh18gD%2BPDs,rci=hHVxTu%2FsOlsb4Yzu
Cache-Control: private, no-cache
RlogId: t6qjpbq%3F%3Ctofthu%60t*6150%3A4-15bee82c8db-0x12f
Connection: keep-alive
Content-Type: text/json;charset=ISO-8859-1
Content-Length: 76

GET
H/1.1 200
OK Cookie set bullseye Show response
gha.ebay.com.au/nproxy/notification/v1/ 0
0 336ms
176ms Script
application/javascript 66.211.184.152
eBay

General

Check archive.org

Show headers Download Go to

Full URL

http://gha.ebay.com.au/nproxy/notification/v1/bullseye?callback=GH_personalizedData&_=1494355200061

Requested by

Host: www.webskiadmin.com.au
URL: http://www.webskiadmin.com.au/web/minip.php/http://ir.ebaystatic.com/rs/v/woox5s1isqzjdikwkz1ocwnnuez.js

Protocol

HTTP/1.1

Server

66.211.184.152 Campbell, United States, ASN11643 (EBAY - eBay, Inc, US),

Reverse DNS

gha.ebay.com

Software

ebay server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: gha.ebay.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2017 18:39:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ebay server
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
X-EBAY-C-REQUEST-ID: ri=akvlSliX3%2FT9,rci=rjPUgLb0duROb8zs
Cache-Control: private
Transfer-Encoding: chunked
RlogId: t6dmgdwhic9%3Feog4d70f%2Bba03%29pqtfwpu%29sm%7E%29fgg%7E-fij-15bee82c976-0x117
Set-Cookie: JSESSIONID=56605F08B131ADE79128A25D3D934D3F; Path=/; HttpOnly ebay=%5Esbf%3D%23%5E;Domain=.ebay.com.au;Path=/ dp1=bu1p/QEBfX0BAX19AQA**5af34080^bl/DE5cd47400^;Domain=.ebay.com.au;Expires=Thu, 09-May-2019 18:40:00 GMT;Path=/ s=CgAD4ACBZE16AZWU4MmM5NzMxNWIwYTg4MDMzMzBkMDI2ZjQ0ZWZkYzkTnzdU;Domain=.ebay.com.au;Path=/; HttpOnly nonsession=CgADLAAFZEhQIMQDKACBieA6AZWU4MmM5NzMxNWIwYTg4MDMzMzBkMDI2ZjQ0ZWZkYzn9IU0N;Domain=.ebay.com.au;Expires=Wed, 09-May-2018 18:40:00 GMT;Path=/
Content-Type: application/javascript;charset=utf-8
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found favicon.ico
www.webskiadmin.com.au/ 328 B
328 B 304ms
304ms Other
text/html 221.121.151.163
AS45671-NET-AU Wh...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.webskiadmin.com.au/favicon.ico
Protocol: HTTP/1.1
Server: 221.121.151.163 Bundaberg, Australia, ASN45671 (AS45671-NET-AU Wholesale Services Provider, AU),
Reverse DNS: sau-67f97-or.servercontrol.com.au
Software: Apache /
Resource Hash: 6b62a3658ad247e8f30d3e9f35da5e00ffac1ea09785bd1f0a9830f659cf01da

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: www.webskiadmin.com.au
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.webskiadmin.com.au/web/minip.php/https:/signin.ebay.com.au/ws/eBayISAPI.dll/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 09 May 2017 18:39:59 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 328
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adjustdiscount.ebay.com
gha.ebay.com.au
rover.ebay.com.au
www.webskiadmin.com.au
221.121.151.163
66.211.181.198
66.211.184.152
95.101.245.130
1b3c84dc67fbaa659cd41ef4f90978cdc64ee8e7afa4410ee56b55652acd6263
254af9cb683294953419f202cc25087d14331bd4088ed52a089a768da7566979
3230d5a466b3c13c64900f09ddebfb05f3a3235ac393fbe804c88651e45357c4
4175abd072f1901d519d5997d9fb07e17e8c91c3be52a057604410291491adfb
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
55d1c3efc02a35a0c4f668d639bbb4c8ebacdb40ead0fb048e0a11c20fff4aa7
5b131e235e05dc1385abf0ded59d568f73b09685b266c2e9c12cae5e48885cbc
6b62a3658ad247e8f30d3e9f35da5e00ffac1ea09785bd1f0a9830f659cf01da
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
8e27b0403bf1062e5c8df7f76bb053bac530db88e86a3f5b99930b4dc78c69d1
9888abd2982f82df8fe46161099a88e422a60b9e23e1bf26b95793215d580a26
b1677deaebd6c62165635bf9a52383104da16e1dcbecc373a683db4715cc4bd7
c1e047be540547a995c6db0366ed370bd2787ff31e32285cd52c153e1fca8854
cdfd810f2571cfe20fd4477f4fc27abc7ba2ff52abbda15cee44902c8d8773a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.webskiadmin.com.au Open in urlscan Pro 221.121.151.163 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

13 Requests

0 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

5 IPs

3 Countries

406 kBTransfer

452 kBSize

0 Cookies

45 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

www.webskiadmin.com.au Open in urlscan Pro
221.121.151.163 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

406 kB
Transfer

452 kB
Size

0
Cookies

13 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!