www.ebay-kleinanzeigenga.5fal.com Open in urlscan Pro
31.22.4.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ebay-kleinanzeigenga.5fal.com/
Submission: On February 14 via automatic, source certstream-suspicious (February 14th 2020, 12:09:58 pm UTC)

Summary HTTP 8 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 8 HTTP transactions. The main IP is 31.22.4.72, located in Newcastle upon Tyne, United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is www.ebay-kleinanzeigenga.5fal.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 14th 2020. Valid for: 3 months.

This is the only time www.ebay-kleinanzeigenga.5fal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	31.22.4.72 31.22.4.72	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
6 6	31.186.83.235 31.186.83.235	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
6	2606:4700:303... 2606:4700:3030::6812:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

2 31.22.4.72 (Newcastle upon Tyne, United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)
PTR: sv20.byethost20.org

www.ebay-kleinanzeigenga.5fal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.186.83.235 (Warsaw, Poland) 6 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-235.net1.eco.atman.pl

track.cashinpills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6812:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

banner.cashinpills.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cashinpills.com 6 redirects track.cashinpills.com banner.cashinpills.com	444 KB
2	5fal.com www.ebay-kleinanzeigenga.5fal.com	26 KB
8	2

	Domain	Requested by
6	banner.cashinpills.com	www.ebay-kleinanzeigenga.5fal.com
6	track.cashinpills.com	6 redirects
2	www.ebay-kleinanzeigenga.5fal.com	www.ebay-kleinanzeigenga.5fal.com
8	3

This site contains links to these domains. Also see Links.

Domain
track.cashinpills.com
www.kaluza.icu

Subject Issuer	Validity	Valid
ebay-kleinanzeigenga.5fal.com cPanel, Inc. Certification Authority	`2020-02-14` - `2020-05-14`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-08` - `2020-10-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ebay-kleinanzeigenga.5fal.com/
Frame ID: 65DF0F95FB20812756FAFC5EF8898B32
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

50 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

468 kB
Transfer

468 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://track.cashinpills.com/product/Derminax/?uid=24750&pid=123&bid=1470

Search URL Search Domain Scan URL

URL: http://track.cashinpills.com/product/Porn-Pro-Pills/?uid=24750&pid=133&bid=683

Search URL Search Domain Scan URL

URL: http://track.cashinpills.com/product/Metadrol/?uid=24750&pid=120&bid=667

Search URL Search Domain Scan URL

URL: https://track.cashinpills.com/product/Raspberryketone700/?uid=24750&pid=188&bid=2972

Search URL Search Domain Scan URL

URL: http://track.cashinpills.com/product/ImpreSkin/?uid=24750&pid=153&bid=1659

Search URL Search Domain Scan URL

URL: https://track.cashinpills.com/product/Ranking-tabletek-odchudzajacych/?uid=24750&pid=141&bid=1366

Search URL Search Domain Scan URL

URL: http://www.kaluza.icu/
Title: http://www.kaluza.icu

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://track.cashinpills.com/banner/?uid=24750&pid=123&bid=1470 HTTP 301
http://banner.cashinpills.com/uploads/hosted/1470/be.728x90v2_52b41111b4a72.gif

Request Chain 2

http://track.cashinpills.com/banner/?uid=24750&pid=133&bid=683 HTTP 301
http://banner.cashinpills.com/uploads/hosted/683/be.728x90v1_51374b558203c.gif

Request Chain 3

http://track.cashinpills.com/banner/?uid=24750&pid=120&bid=667 HTTP 301
http://banner.cashinpills.com/uploads/hosted/667/be.728x90v1_53bbb57511f0d.gif

Request Chain 4

https://track.cashinpills.com/banner/?uid=24750&pid=188&bid=2972 HTTP 301
https://banner.cashinpills.com/uploads/products/2972/

Request Chain 5

http://track.cashinpills.com/banner/?uid=24750&pid=153&bid=1659 HTTP 301
http://banner.cashinpills.com/uploads/products/1659/

Request Chain 6

https://track.cashinpills.com/banner/?uid=24750&pid=141&bid=1366 HTTP 301
https://banner.cashinpills.com/uploads/hosted/1366/be.468x60v1_51da9c8e69d73.jpg

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ebay-kleinanzeigenga.5fal.com/	3 KB 949 B	200ms 93ms	Document text/html	31.22.4.72 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://www.ebay-kleinanzeigenga.5fal.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.22.4.72 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS sv20.byethost20.org Software nginx / Resource Hash `272c7ced95b2ea13f336d60c1d2127dc79dc9ce3a8201db91afe465925f3ce6d` Request headers :method GET :authority www.ebay-kleinanzeigenga.5fal.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 server nginx date Fri, 14 Feb 2020 12:09:42 GMT content-type text/html vary Accept-Encoding last-modified Sun, 20 Jan 2019 13:19:09 GMT cache-control max-age=500, public, proxy-revalidate expires Fri, 14 Feb 2020 12:18:02 GMT content-encoding br
GET H2	200	kaluza.png www.ebay-kleinanzeigenga.5fal.com/	25 KB 25 KB	80ms 78ms	Image image/png	31.22.4.72 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ebay-kleinanzeigenga.5fal.com/kaluza.png Requested by Host: www.ebay-kleinanzeigenga.5fal.com URL: https://www.ebay-kleinanzeigenga.5fal.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.22.4.72 Newcastle upon Tyne, United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS sv20.byethost20.org Software nginx / Resource Hash `f3eb988e826b0fbbe8740ce20cd760c9e138e728440ee00ce388961520e70559` Request headers Referer https://www.ebay-kleinanzeigenga.5fal.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Fri, 14 Feb 2020 12:09:42 GMT last-modified Sun, 20 Jan 2019 13:10:19 GMT server nginx content-type image/png status 200 cache-control max-age=2592000, public, proxy-revalidate accept-ranges bytes content-length 25484 expires Sun, 15 Mar 2020 12:09:42 GMT
GET H/1.1	200 OK	be.728x90v2_52b41111b4a72.gif banner.cashinpills.com/uploads/hosted/1470/ Redirect Chain http://track.cashinpills.com/banner/?uid=24750&pid=123&bid=1470 http://banner.cashinpills.com/uploads/hosted/1470/be.728x90v2_52b41111b4a72.gif	29 KB 30 KB	116ms 95ms	Image image/gif	2606:4700:3030::6812:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://banner.cashinpills.com/uploads/hosted/1470/be.728x90v2_52b41111b4a72.gif Requested by Host: www.ebay-kleinanzeigenga.5fal.com URL: https://www.ebay-kleinanzeigenga.5fal.com/ Protocol HTTP/1.1 Server 2606:4700:3030::6812:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a580134c5d1a64abe2cb0be8dcf70293c2b4751b5d5546d465c28499aa844595` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 14 Feb 2020 12:09:42 GMT CF-Cache-Status MISS Last-Modified Mon, 13 Mar 2017 10:16:52 GMT Server cloudflare ETag "58c67194-74c2" Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 564eef47989918e5-FRA Content-Length 29890 Redirect headers Location http://banner.cashinpills.com/uploads/hosted/1470/be.728x90v2_52b41111b4a72.gif Date Fri, 14 Feb 2020 12:09:41 GMT Server nginx, BIGSSD000043 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	be.728x90v1_51374b558203c.gif banner.cashinpills.com/uploads/hosted/683/ Redirect Chain http://track.cashinpills.com/banner/?uid=24750&pid=133&bid=683 http://banner.cashinpills.com/uploads/hosted/683/be.728x90v1_51374b558203c.gif	195 KB 195 KB	152ms 130ms	Image image/gif	2606:4700:3030::6812:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://banner.cashinpills.com/uploads/hosted/683/be.728x90v1_51374b558203c.gif Requested by Host: www.ebay-kleinanzeigenga.5fal.com URL: https://www.ebay-kleinanzeigenga.5fal.com/ Protocol HTTP/1.1 Server 2606:4700:3030::6812:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eab7f7d20b34548113f823e72b9f6a8ab8178f8765e713af615e5f2b65a6e7ee` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 14 Feb 2020 12:09:42 GMT CF-Cache-Status MISS Last-Modified Mon, 13 Mar 2017 10:17:14 GMT Server cloudflare ETag "58c671aa-30aae" Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 564eef479d8bd6d5-FRA Content-Length 199342 Redirect headers Location http://banner.cashinpills.com/uploads/hosted/683/be.728x90v1_51374b558203c.gif Date Fri, 14 Feb 2020 12:09:41 GMT Server nginx, BIGSSD000042 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	be.728x90v1_53bbb57511f0d.gif banner.cashinpills.com/uploads/hosted/667/ Redirect Chain http://track.cashinpills.com/banner/?uid=24750&pid=120&bid=667 http://banner.cashinpills.com/uploads/hosted/667/be.728x90v1_53bbb57511f0d.gif	192 KB 192 KB	154ms 132ms	Image image/gif	2606:4700:3030::6812:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://banner.cashinpills.com/uploads/hosted/667/be.728x90v1_53bbb57511f0d.gif Requested by Host: www.ebay-kleinanzeigenga.5fal.com URL: https://www.ebay-kleinanzeigenga.5fal.com/ Protocol HTTP/1.1 Server 2606:4700:3030::6812:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `18d0d6d9868f65ee369aaa1215b062b3d35029e7ee16121f053fc8a96e4d59e5` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 14 Feb 2020 12:09:42 GMT CF-Cache-Status MISS Last-Modified Mon, 13 Mar 2017 10:17:01 GMT Server cloudflare ETag "58c6719d-2fea1" Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 564eef479d9ec27c-FRA Content-Length 196257 Redirect headers Location http://banner.cashinpills.com/uploads/hosted/667/be.728x90v1_53bbb57511f0d.gif Date Fri, 14 Feb 2020 12:09:41 GMT Server nginx, BIGSSD000043 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	403	/ banner.cashinpills.com/uploads/products/2972/ Redirect Chain https://track.cashinpills.com/banner/?uid=24750&pid=188&bid=2972 https://banner.cashinpills.com/uploads/products/2972/	0 0	160ms 119ms	Image text/html	2606:4700:3030::6812:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://banner.cashinpills.com/uploads/products/2972/ Requested by Host: www.ebay-kleinanzeigenga.5fal.com URL: https://www.ebay-kleinanzeigenga.5fal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ebay-kleinanzeigenga.5fal.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers Location https://banner.cashinpills.com/uploads/products/2972/ Date Fri, 14 Feb 2020 12:09:41 GMT Server nginx, BIGSSD000043 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	403 Forbidden	/ banner.cashinpills.com/uploads/products/1659/ Redirect Chain http://track.cashinpills.com/banner/?uid=24750&pid=153&bid=1659 http://banner.cashinpills.com/uploads/products/1659/	0 0	89ms 67ms	Image text/html	2606:4700:3030::6812:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://banner.cashinpills.com/uploads/products/1659/ Requested by Host: www.ebay-kleinanzeigenga.5fal.com URL: https://www.ebay-kleinanzeigenga.5fal.com/ Protocol HTTP/1.1 Server 2606:4700:3030::6812:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers Location http://banner.cashinpills.com/uploads/products/1659/ Date Fri, 14 Feb 2020 12:09:41 GMT Server nginx, BIGSSD000042 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	be.468x60v1_51da9c8e69d73.jpg banner.cashinpills.com/uploads/hosted/1366/ Redirect Chain https://track.cashinpills.com/banner/?uid=24750&pid=141&bid=1366 https://banner.cashinpills.com/uploads/hosted/1366/be.468x60v1_51da9c8e69d73.jpg	25 KB 25 KB	182ms 157ms	Image image/jpeg	2606:4700:3030::6812:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://banner.cashinpills.com/uploads/hosted/1366/be.468x60v1_51da9c8e69d73.jpg Requested by Host: www.ebay-kleinanzeigenga.5fal.com URL: https://www.ebay-kleinanzeigenga.5fal.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `626d3ccb5a837a53f9bd6e8f9c7e45652dcb5e38c45084b2fefde77a05be7136` Request headers Referer https://www.ebay-kleinanzeigenga.5fal.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Fri, 14 Feb 2020 12:09:42 GMT cf-cache-status MISS last-modified Mon, 08 Jul 2013 11:03:49 GMT server cloudflare etag "51da9c95-6502" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 564eef485f6cdfb7-FRA content-length 25858 Redirect headers Location https://banner.cashinpills.com/uploads/hosted/1366/be.468x60v1_51da9c8e69d73.jpg Date Fri, 14 Feb 2020 12:09:41 GMT Server nginx, BIGSSD000042 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banner.cashinpills.com
track.cashinpills.com
www.ebay-kleinanzeigenga.5fal.com
2606:4700:3030::6812:3456
31.186.83.235
31.22.4.72
18d0d6d9868f65ee369aaa1215b062b3d35029e7ee16121f053fc8a96e4d59e5
272c7ced95b2ea13f336d60c1d2127dc79dc9ce3a8201db91afe465925f3ce6d
626d3ccb5a837a53f9bd6e8f9c7e45652dcb5e38c45084b2fefde77a05be7136
a580134c5d1a64abe2cb0be8dcf70293c2b4751b5d5546d465c28499aa844595
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab7f7d20b34548113f823e72b9f6a8ab8178f8765e713af615e5f2b65a6e7ee
f3eb988e826b0fbbe8740ce20cd760c9e138e728440ee00ce388961520e70559

www.ebay-kleinanzeigenga.5fal.com Open in urlscan Pro 31.22.4.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

50 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

2 IPs

3 Countries

468 kBTransfer

468 kBSize

0 Cookies

7 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

www.ebay-kleinanzeigenga.5fal.com Open in urlscan Pro
31.22.4.72 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

468 kB
Transfer

468 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions