signin.ebay.de-wsebac.work Open in urlscan Pro
185.61.152.66  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Page URL
2. https://signin.ebay.de-wsebac.work/ws/_k09oolu77/eBavISAPI-dCsz5RIBKgzlQ7WFmvFSE681R7UF Page URL
3. https://signin.ebay.de-wsebac.work/signin/ws/_ca0ab628fa88/eBavISAPI.SignIn-fDzq9S5oodYB1dOBs5A5oMZu Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	hzVqgASn Show response ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/	499 B 709 B	240ms 85ms	Document text/html	178.73.210.27 PORTLANE www.port...
General Check archive.org Show headers Download Go to Full URL https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 178.73.210.27 Stockholm, Sweden, ASN42708 (PORTLANE www.portlane.com, SE), Reverse DNS 27.210.73.178.in-addr.arpa Software Apache/2.4.29 (Ubuntu) / Resource Hash 852105f67908ace7733dc1845178d3e5fbd908acb94dfc44837026932e8f1cec Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Host ebay.portlibertecontractor.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Wed, 27 Jan 2021 20:49:32 GMT Server Apache/2.4.29 (Ubuntu) Referrer-Policy no-referrer Vary Accept-Encoding Content-Encoding gzip X-Frame-Options sameorigin X-Content-Type-Options nosniff Content-Length 365 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	eBavISAPI-dCsz5RIBKgzlQ7WFmvFSE681R7UF Show response signin.ebay.de-wsebac.work/ws/_k09oolu77/	4 KB 3 KB	130ms 129ms	Document text/html	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://signin.ebay.de-wsebac.work/ws/_k09oolu77/eBavISAPI-dCsz5RIBKgzlQ7WFmvFSE681R7UF Requested by Host: ebay.portlibertecontractor.com URL: https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / PHP/7.2.34 Resource Hash 135f059fe257cbd15457793c34fe688ae234c5b7edc26539a3be0364da2a6321 Security Headers Name Value X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN sameorigin X-Xss-Protection 1; mode=block Request headers :method GET :authority signin.ebay.de-wsebac.work :scheme https :path /ws/_k09oolu77/eBavISAPI-dCsz5RIBKgzlQ7WFmvFSE681R7UF pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:33 GMT server Apache x-powered-by PHP/7.2.34 x-frame-options SAMEORIGIN sameorigin x-xss-protection 1; mode=block x-content-type-options nosniff nosniff pragma no-cache cache-control no-cache, no-store, must-revalidate expires Thu, 01 Jan 1970 00:00:00 +0000 set-cookie ckauth=ca0ab628fa88; path=/; domain=signin.ebay.de-wsebac.work; secure referrer-policy no-referrer accept-ranges none vary Accept-Encoding content-encoding gzip content-length 2606 content-type text/html; charset=UTF-8
GET H2	200	crypto-js.min.js Show response cdn.bootcss.com/crypto-js/4.0.0/	47 KB 17 KB	358ms 357ms	Script application/javascript	112.132.32.81 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://cdn.bootcss.com/crypto-js/4.0.0/crypto-js.min.js Requested by Host: signin.ebay.de-wsebac.work URL: https://signin.ebay.de-wsebac.work/ws/_k09oolu77/eBavISAPI-dCsz5RIBKgzlQ7WFmvFSE681R7UF Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 112.132.32.81 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS 81.32.132.112.adsl-pool.ah.cnuninet.net Software NWS_TCloud_S1 / Resource Hash eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 27 Jan 2021 20:49:33 GMT content-encoding gzip x-content-type-options nosniff x-cache-lookup Hit From Disktank3 Gz x-nws-uuid-verify d4ff88095f68a602bece50602138632c age 101458 cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin content-length 16648 cf-request-id 07e45328a50000eabba111c000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:09:17 GMT server NWS_TCloud_S1 cf-cdnjs-via cfworker/kv etag W/"5eb03e2d-bb78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=elZejuAPkZqLHZPbimsCPmIhGa3yYlqv3CDaW7qjcODU0%2Bcy9%2BwipGzypH1CoUGNjQRcY8FIPvQKlz%2FaEYP5aoJjgqr8yr6kEfUYSorbtMqk8uxaSA%3D%3D"}]} content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=2592000 x-daa-tunnel hop_count=1 x-nws-log-uuid 58db961b-ec42-4d3c-972c-ee547cd38ce0 cf-ray 6180baedd977eabb-LAX expires Fri, 26 Feb 2021 20:49:32 GMT
GET H2	200	Primary Request eBavISAPI.SignIn-fDzq9S5oodYB1dOBs5A5oMZu Show response signin.ebay.de-wsebac.work/signin/ws/_ca0ab628fa88/	217 KB 144 KB	143ms 143ms	Document text/html	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://signin.ebay.de-wsebac.work/signin/ws/_ca0ab628fa88/eBavISAPI.SignIn-fDzq9S5oodYB1dOBs5A5oMZu Requested by Host: ebay.portlibertecontractor.com URL: https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / PHP/7.2.34 Resource Hash 386e01624d28359400e19cf1730f033b1211dd05c130257592fdd7c37439754e Security Headers Name Value X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN sameorigin X-Xss-Protection 1; mode=block Request headers :method GET :authority signin.ebay.de-wsebac.work :scheme https :path /signin/ws/_ca0ab628fa88/eBavISAPI.SignIn-fDzq9S5oodYB1dOBs5A5oMZu pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie ckauth=ca0ab628fa88 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:33 GMT server Apache x-powered-by PHP/7.2.34 x-frame-options SAMEORIGIN sameorigin x-xss-protection 1; mode=block x-content-type-options nosniff nosniff pragma no-cache cache-control no-cache, no-store, must-revalidate expires Thu, 01 Jan 1970 00:00:00 +0000 referrer-policy no-referrer accept-ranges none vary Accept-Encoding content-encoding gzip content-type text/html; charset=UTF-8
GET H2	200	crypto-js.min.js Show response cdn.bootcss.com/crypto-js/4.0.0/	47 KB 17 KB	338ms 338ms	Script application/javascript	112.132.32.81 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://cdn.bootcss.com/crypto-js/4.0.0/crypto-js.min.js Requested by Host: signin.ebay.de-wsebac.work URL: https://signin.ebay.de-wsebac.work/signin/ws/_ca0ab628fa88/eBavISAPI.SignIn-fDzq9S5oodYB1dOBs5A5oMZu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 112.132.32.81 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS 81.32.132.112.adsl-pool.ah.cnuninet.net Software NWS_TCloud_S1 / Resource Hash eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Wed, 27 Jan 2021 20:49:34 GMT content-encoding gzip x-content-type-options nosniff x-cache-lookup Hit From Disktank3 Gz x-nws-uuid-verify d4ff88095f68a602bece50602138632c age 101458 cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin content-length 16648 cf-request-id 07e45328a50000eabba111c000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:09:17 GMT server NWS_TCloud_S1 cf-cdnjs-via cfworker/kv etag W/"5eb03e2d-bb78" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=elZejuAPkZqLHZPbimsCPmIhGa3yYlqv3CDaW7qjcODU0%2Bcy9%2BwipGzypH1CoUGNjQRcY8FIPvQKlz%2FaEYP5aoJjgqr8yr6kEfUYSorbtMqk8uxaSA%3D%3D"}]} content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control public, max-age=2592000 x-daa-tunnel hop_count=1 x-nws-log-uuid a2febb92-5cf4-4cea-b21c-98d8ec18c0c3 cf-ray 6180baedd977eabb-LAX expires Fri, 26 Feb 2021 20:49:33 GMT
GET H2	200	34wtddjp0q1v1dtu2elv5jwg4yf.css signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/	4 KB 2 KB	67ms 66ms	Stylesheet text/css	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/34wtddjp0q1v1dtu2elv5jwg4yf.css?proc=DU:N Requested by Host: ebay.portlibertecontractor.com URL: https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / Resource Hash 6f312c310d0eaebd55221020955b150f2b0392f5166e4fc52f4af4261396c704 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:34 GMT content-encoding gzip referrer-policy no-referrer last-modified Tue, 17 Nov 2020 20:02:09 GMT server Apache x-frame-options sameorigin content-type text/css cache-control max-age=604800 accept-ranges none vary Accept-Encoding content-length 1721 x-content-type-options nosniff
GET H2	200	signin-render-0OzFOEbE.css signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/	129 KB 19 KB	130ms 130ms	Stylesheet text/css	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/signin-render-0OzFOEbE.css Requested by Host: ebay.portlibertecontractor.com URL: https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / Resource Hash e8a9332a79eaa40d4bb1fa80bcd4c04756a5c13f3073d0d05f386bc5f57d1d3e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:34 GMT content-encoding gzip referrer-policy no-referrer last-modified Tue, 17 Nov 2020 20:02:09 GMT server Apache x-frame-options sameorigin content-type text/css cache-control max-age=604800 accept-ranges none vary Accept-Encoding content-length 19496 x-content-type-options nosniff
GET DATA	200 OK	truncated Show response /	0 0		Script text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type text/html;charset=utf-8
GET H2	200	fxxj3ttftm5ltcqnto1o4baovyl.png signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/	5 KB 5 KB	67ms 66ms	Image image/png	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/fxxj3ttftm5ltcqnto1o4baovyl.png Requested by Host: ebay.portlibertecontractor.com URL: https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / Resource Hash 5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:34 GMT referrer-policy no-referrer last-modified Tue, 17 Nov 2020 20:02:09 GMT server Apache x-frame-options sameorigin content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 4820 x-content-type-options nosniff
GET H2	200	signin-render-m4hbjSMk.js Show response signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/	860 KB 225 KB	131ms 131ms	Script application/javascript	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/signin-render-m4hbjSMk.js Requested by Host: ebay.portlibertecontractor.com URL: https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / Resource Hash d45f7fb60d223644bf057e03855f6576d417d5faa78cd14f6b25de8b7bc6b13f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:34 GMT content-encoding gzip referrer-policy no-referrer last-modified Tue, 17 Nov 2020 20:02:09 GMT server Apache x-frame-options sameorigin content-type application/javascript cache-control max-age=604800 accept-ranges none vary Accept-Encoding x-content-type-options nosniff
GET H2	200	d1fgru3r3u15jfvvbavtrnj1ve5.js Show response signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/	31 KB 12 KB	98ms 98ms	Script application/javascript	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/d1fgru3r3u15jfvvbavtrnj1ve5.js Requested by Host: ebay.portlibertecontractor.com URL: https://ebay.portlibertecontractor.com/xvlWTkxY/PPIIUEMHeBavISAPIhmmUkHP/hzVqgASn Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / Resource Hash 16b5b504d72bd20ed093e0042691a78726b539434aa84102143106e0c4c1a3a6 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:34 GMT content-encoding gzip referrer-policy no-referrer last-modified Tue, 17 Nov 2020 20:02:09 GMT server Apache x-frame-options sameorigin content-type application/javascript cache-control max-age=604800 accept-ranges none vary Accept-Encoding content-length 11821 x-content-type-options nosniff
GET H2	200	sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/	1 KB 1 KB	103ms 102ms	Image image/png	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/sgninui-src-static-images-FB-f-Logo__white_29-Nm8L0bDZ.png Requested by Host: signin.ebay.de-wsebac.work URL: https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/signin-render-0OzFOEbE.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / Resource Hash 53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:34 GMT referrer-policy no-referrer last-modified Tue, 17 Nov 2020 20:02:09 GMT server Apache x-frame-options sameorigin content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 1201 x-content-type-options nosniff
GET H2	200	sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/	7 KB 7 KB	102ms 101ms	Image image/png	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/sgninui-src-static-images-google-logo-icon-PNG-Transparent-Background-Z_TFsqo3.png Requested by Host: signin.ebay.de-wsebac.work URL: https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/c/signin-render-0OzFOEbE.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / Resource Hash 56fbf97dc6629d06d83590f3c759381dacd1f6dfcd0f8af956ca3ab15b10e699 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:34 GMT referrer-policy no-referrer last-modified Tue, 17 Nov 2020 20:02:09 GMT server Apache x-frame-options sameorigin content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 6886 x-content-type-options nosniff
GET DATA	200 OK	truncated /	725 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b3c84dc67fbaa659cd41ef4f90978cdc64ee8e7afa4410ee56b55652acd6263 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	f5uxsy10bmz05dtrtrqybl5qquv.png signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/	994 B 1 KB	100ms 100ms	Image image/png	185.61.152.66 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/f5uxsy10bmz05dtrtrqybl5qquv.png Requested by Host: signin.ebay.de-wsebac.work URL: https://signin.ebay.de-wsebac.work/assets/ir.ebavstatic/rs/v/34wtddjp0q1v1dtu2elv5jwg4yf.css?proc=DU:N Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.61.152.66 , United Kingdom, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium18-4.web-hosting.com Software Apache / Resource Hash 7e0f4cd0590e2cf36c094d4226d70ccf2bc12107c46f3aeb8b3b5801396b44b0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 Jan 2021 20:49:34 GMT referrer-policy no-referrer last-modified Tue, 17 Nov 2020 20:02:09 GMT server Apache x-frame-options sameorigin content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 994 x-content-type-options nosniff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| CryptoJS object| CryptoJSAesJson function| getCookie string| cryptohash number| $ssgST function| openSocialGoogleLoginKeyPress function| openSocialFacebookLoginKeyPress function| openSocialAppleLoginKeyPress function| openSocialGoogleButtonClick function| openSocialFacebookButtonClick function| openSocialAppleButtonClick object| runtime object| $rlookup function| $rset function| $radd function| $rget object| $jscomp object| global object| $_mod object| regeneratorRuntime function| $ function| jQuery object| $rmod function| raptorDefine function| raptorRequire function| define function| require object| raptor object| $i18n object| __core-js_shared__ object| core object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| _babelPolyfill function| $ssg object| $MUID function| $W10NOOP function| $initComponents object| $MC function| HttpClient object| ebayContent object| GHebayContent number| GHJSLoaded object| GH function| openAPPLLoginKeyPress function| openAPPLLoginPopup function| openSocialLoginPopup function| handleParentCallBackForSocial object| globalDfpContext

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.signin.ebay.de-wsebac.work/	1969-12-31 23:59:59	Name: ckauth Value: ca0ab628fa88

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bootcss.com
ebay.portlibertecontractor.com
signin.ebay.de-wsebac.work
112.132.32.81
178.73.210.27
185.61.152.66
135f059fe257cbd15457793c34fe688ae234c5b7edc26539a3be0364da2a6321
16b5b504d72bd20ed093e0042691a78726b539434aa84102143106e0c4c1a3a6
1b3c84dc67fbaa659cd41ef4f90978cdc64ee8e7afa4410ee56b55652acd6263
386e01624d28359400e19cf1730f033b1211dd05c130257592fdd7c37439754e
53c410f2864972705c250f8c95f111e583c15f6efce891dae6f902c3490d97bf
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
56fbf97dc6629d06d83590f3c759381dacd1f6dfcd0f8af956ca3ab15b10e699
6f312c310d0eaebd55221020955b150f2b0392f5166e4fc52f4af4261396c704
7e0f4cd0590e2cf36c094d4226d70ccf2bc12107c46f3aeb8b3b5801396b44b0
852105f67908ace7733dc1845178d3e5fbd908acb94dfc44837026932e8f1cec
d45f7fb60d223644bf057e03855f6576d417d5faa78cd14f6b25de8b7bc6b13f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a9332a79eaa40d4bb1fa80bcd4c04756a5c13f3073d0d05f386bc5f57d1d3e
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc