shop4baylo.altervista.org Open in urlscan Pro
78.129.205.2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://shop4baylo.altervista.org/usridlog.htm
Submission: On August 07 via automatic, source openphish (August 7th 2017, 4:17:39 pm UTC)

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 78.129.205.2, located in United Kingdom and belongs to IOMART-AS, GB. The main domain is shop4baylo.altervista.org.

This is the only time shop4baylo.altervista.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1	78.129.205.2 78.129.205.2	20860 (IOMART-AS) (IOMART-AS)
13	104.109.58.197 104.109.58.197	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	66.135.211.19 66.135.211.19	11643 (EBAY) (EBAY - eBay)
15	3

1 78.129.205.2 (United Kingdom)

ASN20860 (IOMART-AS, GB)
PTR: ns191.altervista.org

shop4baylo.altervista.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.109.58.197 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-58-197.deploy.static.akamaitechnologies.com

secureinclude.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepics.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.135.211.19 (Campbell, United States)

ASN11643 (EBAY - eBay, Inc, US)

srv.main.ebayrtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ebaystatic.com secureinclude.ebaystatic.com securepics.ebaystatic.com	92 KB
1	ebayrtm.com srv.main.ebayrtm.com	9 B
1	altervista.org shop4baylo.altervista.org	3 KB
15	3

	Domain	Requested by
9	securepics.ebaystatic.com	shop4baylo.altervista.org
4	secureinclude.ebaystatic.com	shop4baylo.altervista.org
1	srv.main.ebayrtm.com	shop4baylo.altervista.org
1	shop4baylo.altervista.org
15	4

This site contains links to these domains. Also see Links.

Domain
getinthegame.event.ebay.com
pages.ebay.com

Subject Issuer	Validity	Valid
www.ebay.com Symantec Class 3 Secure Server CA - G4	`2017-06-15` - `2018-06-16`	a year	crt.sh
srv.ebayrtm.com Symantec Class 3 Secure Server CA - G4	`2017-04-13` - `2019-06-10`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://shop4baylo.altervista.org/usridlog.htm
Frame ID: 20361.1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

95 kB
Transfer

160 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://getinthegame.event.ebay.com/

Search URL Search Domain Scan URL

URL: http://pages.ebay.com/help/new/contextual/signin.html
Title: Get sign in help - opens in a new window or tab

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request usridlog.htm Show response shop4baylo.altervista.org/	11 KB 3 KB	53ms 18ms	Document text/html	78.129.205.2 IOMART-AS
General Check archive.org Show headers Download Go to Full URL http://shop4baylo.altervista.org/usridlog.htm Protocol HTTP/1.1 Server 78.129.205.2 , United Kingdom, ASN20860 (IOMART-AS, GB), Reverse DNS ns191.altervista.org Software Apache / Resource Hash `89a05f55e08fe5a900db684bd7d17a0f2fb02568ea5d84cbdcc2674376337900` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 07 Aug 2017 16:17:28 GMT Content-Encoding gzip Last-Modified Mon, 07 Aug 2017 13:44:09 GMT Server Apache ETag "c486dd-2a31-5562a0a8a3c40" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=1, max=100 Content-Length 3550
GET H/1.1	200 OK	xfte5phkne23xawbtftnahitp.css secureinclude.ebaystatic.com/v4css/z/ia/	12 KB 3 KB	37ms 6ms	Stylesheet text/css	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secureinclude.ebaystatic.com/v4css/z/ia/xfte5phkne23xawbtftnahitp.css Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `473dc3679a9f0ee4eb47b385bc2390f6f629da4264198c03ee4f5e01413857d6` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 07 Aug 2017 16:17:28 GMT Content-Encoding gzip Last-Modified Fri, 02 Mar 2012 22:11:48 GMT Server eBay Server ETag "2ec5-4ba49dce1b100-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=1727969 Connection keep-alive Accept-Ranges bytes Content-Length 2870 Expires Sun, 27 Aug 2017 16:16:57 GMT
GET H/1.1	200 OK	lpfefylbca4pvnjtt5d1j340c.css secureinclude.ebaystatic.com/v4css/z/ib/	15 KB 4 KB	42ms 12ms	Stylesheet text/css	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secureinclude.ebaystatic.com/v4css/z/ib/lpfefylbca4pvnjtt5d1j340c.css Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `7896bd992bab693fcbb20e9611aeda091f2b1a4168193a7d24daef297eda3680` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 07 Aug 2017 16:17:28 GMT Content-Encoding gzip Last-Modified Fri, 25 Mar 2011 03:00:12 GMT Server eBay Server ETag "c8f5ff91-3a4f-49f45cadec700" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=1727933 Connection keep-alive Accept-Ranges bytes Content-Length 3969 Expires Sun, 27 Aug 2017 16:16:21 GMT
GET H/1.1	200 OK	viscook31e1dbeikgevpqspl1.js Show response secureinclude.ebaystatic.com/v4js/z/ad/	6 KB 2 KB	39ms 8ms	Script application/javascript	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secureinclude.ebaystatic.com/v4js/z/ad/viscook31e1dbeikgevpqspl1.js Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `e59091f3420c34536b46995921f79bfbd3a325d894b73e5df68ce63542ee05c4` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 07 Aug 2017 16:17:28 GMT Content-Encoding gzip Last-Modified Fri, 25 Mar 2011 21:28:08 GMT Server eBay Server ETag "1966-49f5545260a00-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1802518 Connection keep-alive Accept-Ranges bytes Content-Length 2207 Expires Mon, 28 Aug 2017 12:59:26 GMT
GET H/1.1	200 OK	wxlaja0ipezfdoxvw5veocs2o.js Show response secureinclude.ebaystatic.com/v4js/z/y0/	47 KB 12 KB	41ms 11ms	Script application/javascript	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://secureinclude.ebaystatic.com/v4js/z/y0/wxlaja0ipezfdoxvw5veocs2o.js Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `1d64ffa2f1d067de298e4a08416e1136fe3f21c8dcfed5e7aac819e5928969f8` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 07 Aug 2017 16:17:28 GMT Content-Encoding gzip Last-Modified Fri, 02 Mar 2012 22:09:04 GMT Server eBay Server ETag "c349254-ba3c-4ba49d31b4000" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1802476 Connection keep-alive Accept-Ranges bytes Content-Length 12132 Expires Mon, 28 Aug 2017 12:58:44 GMT
GET S	200	logoEbay_x45.gif securepics.ebaystatic.com/aw/pics/logos/	2 KB 3 KB	25ms 6ms	Image image/gif	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/logos/logoEbay_x45.gif Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `60531d6ef692e14da848197b5a42c89be4c86d4a2274f0b183db7998e6b3e99b` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 20:59:56 GMT server eBay Server etag "9f1-550c415f94e4c" content-type image/gif status 200 cache-control max-age=2453101 accept-ranges bytes content-length 2545 expires Tue, 05 Sep 2017 01:42:29 GMT
GET S	200	img_scoreboardheaderV2_158x159.jpg securepics.ebaystatic.com/aw/pics/holiday/doodle2011/marchmadness/	6 KB 6 KB	36ms 17ms	Image image/jpeg	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/holiday/doodle2011/marchmadness/img_scoreboardheaderV2_158x159.jpg Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `742b49925314b1f9fbb360e82d19b6178ea40dac8542fa11b51c798ab79838a7` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 20:59:32 GMT server eBay Server etag "eb5b6200-1946-550c4148f5810" content-type image/jpeg status 200 cache-control max-age=1835935 accept-ranges bytes content-length 6470 expires Mon, 28 Aug 2017 22:16:23 GMT
GET S	200	logoNewVeriSign_100x65.gif securepics.ebaystatic.com/aw/pics/logos/	2 KB 2 KB	29ms 11ms	Image image/gif	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/logos/logoNewVeriSign_100x65.gif Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `338091c440440fe4a109deb3d829285244b62114c5252d2cb97d191bf3cafe19` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 20:59:56 GMT server eBay Server etag "774-550c415fab1c1" content-type image/gif status 200 cache-control max-age=1223560 accept-ranges bytes content-length 1908 expires Mon, 21 Aug 2017 20:10:08 GMT
GET S	200	s.gif securepics.ebaystatic.com/aw/pics/	49 B 67 B	25ms 6ms	Image image/gif	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/s.gif Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 21:03:22 GMT server eBay Server etag "cfbb4d79-31-550c4224c68c3" content-type image/gif status 200 cache-control max-age=3055262 accept-ranges bytes content-length 49 expires Tue, 12 Sep 2017 00:58:30 GMT
GET H/1.1	200 OK	rtm Show response srv.main.ebayrtm.com/	9 B 9 B	784ms 164ms	Script application/x-javascript	66.135.211.19 eBay
General Check archive.org Show headers Download Go to Full URL https://srv.main.ebayrtm.com/rtm?RtmGetCapJs&p=18 Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 66.135.211.19 Campbell, United States, ASN11643 (EBAY - eBay, Inc, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `9088173db5a37e3a5b4d9e25cdd7d10505217415bf10cb6ddc2ccce74728d5d7` Request headers Referer http://shop4baylo.altervista.org/usridlog.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 07 Aug 2017 16:17:28 GMT Server Apache-Coyote/1.1 P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control no-cache RlogId p4pphdlwc%3D9vjd32%2B62%3C6667-15dbd7ca513-0xd3 Content-Type application/x-javascript;charset=utf-8 Content-Length 9 Expires 0
GET S	200	sprBubbleHelp.png securepics.ebaystatic.com/aw/pics/cmp/ds2/	1 KB 1 KB	22ms 9ms	Image image/png	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/cmp/ds2/sprBubbleHelp.png Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `5c295e4bfebfa4ad5a36d953c3fd25685a93fb61f55f626627d84bca57d090af` Request headers Referer https://secureinclude.ebaystatic.com/v4css/z/ib/lpfefylbca4pvnjtt5d1j340c.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 20:58:47 GMT server eBay Server etag "5bf-550c411e4dcd8" content-type image/png status 200 cache-control max-age=2444669 accept-ranges bytes content-length 1471 expires Mon, 04 Sep 2017 23:21:57 GMT
GET S	200	sprButtons.png securepics.ebaystatic.com/aw/pics/cmp/ds2/	11 KB 11 KB	19ms 7ms	Image image/png	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/cmp/ds2/sprButtons.png Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae` Request headers Referer https://secureinclude.ebaystatic.com/v4css/z/ib/lpfefylbca4pvnjtt5d1j340c.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 20:58:47 GMT server eBay Server etag "cded1051-2a90-550c411e4e891" content-type image/png status 200 cache-control max-age=1465886 accept-ranges bytes content-length 10896 expires Thu, 24 Aug 2017 15:28:54 GMT
GET S	200	imgeBPSignInBG_20x20.jpg securepics.ebaystatic.com/aw/pics/signin/	4 KB 4 KB	9ms 9ms	Image image/jpeg	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/signin/imgeBPSignInBG_20x20.jpg Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `9a6581495c426624b1ee64c1667b1c3a624ff59577dfae6064582b57a2eff46b` Request headers Referer https://secureinclude.ebaystatic.com/v4css/z/ib/lpfefylbca4pvnjtt5d1j340c.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 21:03:55 GMT server eBay Server etag "f57-550c4243a47d8" content-type image/jpeg status 200 cache-control max-age=1828912 accept-ranges bytes content-length 3927 expires Mon, 28 Aug 2017 20:19:20 GMT
GET S	200	imgeBPSignInTransparent_455x261.png securepics.ebaystatic.com/aw/pics/signin/	44 KB 44 KB	9ms 9ms	Image image/png	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/signin/imgeBPSignInTransparent_455x261.png Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `604b6937fc689dc880de952dc6aae1ad5d35dbe4b43689454788a0f9c5965165` Request headers Referer https://secureinclude.ebaystatic.com/v4css/z/ib/lpfefylbca4pvnjtt5d1j340c.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 21:03:55 GMT server eBay Server etag "af79-550c4243a4fa3" content-type image/png status 200 cache-control max-age=1865858 accept-ranges bytes content-length 44921 expires Tue, 29 Aug 2017 06:35:06 GMT
GET S	200	btnClose_16x16.gif securepics.ebaystatic.com/aw/pics/buttons/	233 B 251 B	10ms 10ms	Image image/gif	104.109.58.197 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://securepics.ebaystatic.com/aw/pics/buttons/btnClose_16x16.gif Requested by Host: shop4baylo.altervista.org URL: http://shop4baylo.altervista.org/usridlog.htm Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.109.58.197 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a104-109-58-197.deploy.static.akamaitechnologies.com Software eBay Server / Resource Hash `1e2b404d0af6d246014d1d7242189fd2424830dde8cbc08eb1c338dee0ef0171` Request headers Referer https://secureinclude.ebaystatic.com/v4css/z/ia/xfte5phkne23xawbtftnahitp.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers date Mon, 07 Aug 2017 16:17:28 GMT last-modified Tue, 30 May 2017 20:58:16 GMT server eBay Server etag "e9-550c4100a1085" content-type image/gif status 200 cache-control max-age=566113 accept-ranges bytes content-length 233 expires Mon, 14 Aug 2017 05:32:41 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

secureinclude.ebaystatic.com
securepics.ebaystatic.com
shop4baylo.altervista.org
srv.main.ebayrtm.com
104.109.58.197
66.135.211.19
78.129.205.2
1d64ffa2f1d067de298e4a08416e1136fe3f21c8dcfed5e7aac819e5928969f8
1e2b404d0af6d246014d1d7242189fd2424830dde8cbc08eb1c338dee0ef0171
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
338091c440440fe4a109deb3d829285244b62114c5252d2cb97d191bf3cafe19
473dc3679a9f0ee4eb47b385bc2390f6f629da4264198c03ee4f5e01413857d6
5c295e4bfebfa4ad5a36d953c3fd25685a93fb61f55f626627d84bca57d090af
604b6937fc689dc880de952dc6aae1ad5d35dbe4b43689454788a0f9c5965165
60531d6ef692e14da848197b5a42c89be4c86d4a2274f0b183db7998e6b3e99b
742b49925314b1f9fbb360e82d19b6178ea40dac8542fa11b51c798ab79838a7
7896bd992bab693fcbb20e9611aeda091f2b1a4168193a7d24daef297eda3680
89a05f55e08fe5a900db684bd7d17a0f2fb02568ea5d84cbdcc2674376337900
9088173db5a37e3a5b4d9e25cdd7d10505217415bf10cb6ddc2ccce74728d5d7
9a6581495c426624b1ee64c1667b1c3a624ff59577dfae6064582b57a2eff46b
e59091f3420c34536b46995921f79bfbd3a325d894b73e5df68ce63542ee05c4
eb31797ffcf6740895630e7a308d7df248cee4b2896779b0a031b772a33b4cae

shop4baylo.altervista.org Open in urlscan Pro 78.129.205.2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

95 kBTransfer

160 kBSize

0 Cookies

2 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

shop4baylo.altervista.org Open in urlscan Pro
78.129.205.2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

95 kB
Transfer

160 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!