Report - ebay206.com/invite/NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/...%20345%20...ex/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH

Report Overview

Visited public
2024-08-16 12:27:31
Tags
Submit Tags
URL
ebay206.com/invite/NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/...%20345%20...ex/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH
Finishing URL
ebay206.com/index/user/login.html?code=NS8UJH
IP / ASN
47.76.150.106
#45102 Alibaba US Technology Co., Ltd.
Title
Home

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Sent	Received	IP
r11.o.lencr.org	unknown	1.6 kB	4.4 kB	23.36.76.226
r10.o.lencr.org	unknown	981 B	2.7 kB	23.36.77.32
ebay206.com	unknown	7.9 kB	431 kB	47.76.150.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed
2024-08-16	medium	ebay206.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	ebay206.com/index/user/login.html?code=NS8UJH	ScriptElement	0 B	0001-01-01	2025-07-01
Pretty URL ebay206.com/index/user/login.html?code=NS8UJH IP 47.76.150.106 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-01 06:05 Times Seen5223712 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ebay206.com/static/js/login.js	ScriptElement	2.6 kB	2024-07-21	2024-08-29
Pretty URL ebay206.com/static/js/login.js IP 47.76.150.106 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-21 20:19 Last Seen2024-08-29 17:27 Times Seen42 Hash cc45ab38fec20405f946361042aeb082 03c814da6353a8e103b1746122f263a10f3dd6d0 d4fce1739d43e3d5bcc50d59bb3959a6f30c7d2a1feb61ae783383867220eab9 Loading...

	ebay206.com/static/js/picker.min.js	ScriptElement	28 kB	2024-05-26	2024-12-27
Pretty URL ebay206.com/static/js/picker.min.js IP 47.76.150.106 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-26 18:39 Last Seen2024-12-27 13:59 Times Seen49 Hash ec9fc799ac4e773e98d76c38d374f3ab 9544e548843986ceab4f9c73c8dc9b2426877ba3 226bbc3aba720ce26f474523a1a96457566f8f19adb56155e95e3309c90727a1 Loading...

	ebay206.com/index/user/login.html?code=NS8UJH	ScriptElement	0 B	0001-01-01	2025-07-01
Pretty URL ebay206.com/index/user/login.html?code=NS8UJH IP 47.76.150.106 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-01 06:05 Times Seen5223712 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ebay206.com/static/js/app.js	ScriptElement	2.2 kB	2023-08-01	2024-12-27
Pretty URL ebay206.com/static/js/app.js IP 47.76.150.106 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-01 20:35 Last Seen2024-12-27 13:59 Times Seen120 Hash f61996673d511b9bc50b09e0e99797f6 02d54a2f43d566a4da01ddbf0f4bc146e4ceeb9d 02088d9b82cb847b872445df1995113b5204a0ddbec64a784e52af7400689460 Loading...

	ebay206.com/static/js/lazy.js	ScriptElement	7.9 kB	2023-03-07	2025-07-01
Pretty URL ebay206.com/static/js/lazy.js IP 47.76.150.106 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:55 Last Seen2025-07-01 03:06 Times Seen605 Hash c75222a837462c1c8da0309810b969da e1702ab550525ceb5b7062a3f667c2a1dd18f381 96168f75aafd51751c96aa73e57e77c4e3928f92cba9aa7949452db8478fd84d Loading...

	ebay206.com/static/js/paymentDialog.js	ScriptElement	12 kB	2024-05-26	2024-12-27
Pretty URL ebay206.com/static/js/paymentDialog.js IP 47.76.150.106 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-26 18:39 Last Seen2024-12-27 13:59 Times Seen49 Hash 6006619ec9f2919b541f1a4252ade2d2 c089e360580b6bdb7d367222edcf8b57a545ff9c fd63bf8c88c4e1f69e8e9af1bf816aaf06394045dc7ed250554c637bcdb2241f Loading...

HTTP Transactions (22)

URL IP Response Size

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
686480d25645ac2aca7a99974693a82f
55ca9d53bd758d2afc75e8a9b59c656ff26a3f70
8902058e383c2f43751417e1af1d582f7a16ce0b6fc180ab20cbc76c4b00f914

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8902058E383C2F43751417E1AF1D582F7A16CE0B6FC180AB20CBC76C4B00F914"
Last-Modified: Wed, 14 Aug 2024 12:55:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7794
Expires: Fri, 16 Aug 2024 14:36:59 GMT
Date: Fri, 16 Aug 2024 12:27:05 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2df91286f49e58e16a376311a3bd4a11
f91a1585d976cf80ae4702b607130dc84e095e81
b6aa8b353b34cd929b75a9baf0f9953435f07d0118004f1e0bf72e5e15498fe4

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B6AA8B353B34CD929B75A9BAF0F9953435F07D0118004F1E0BF72E5E15498FE4"
Last-Modified: Fri, 16 Aug 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5248
Expires: Fri, 16 Aug 2024 13:54:33 GMT
Date: Fri, 16 Aug 2024 12:27:05 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
4d209e16679910b467c26590a0073236
ddd59fa6902b498e9c0cfb22e342757f954789d0
9ef3dab56215a67804db0e12d33772a1902f5914b788530717712902a294bcb5

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9EF3DAB56215A67804DB0E12D33772A1902F5914B788530717712902A294BCB5"
Last-Modified: Wed, 14 Aug 2024 21:59:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19160
Expires: Fri, 16 Aug 2024 17:46:25 GMT
Date: Fri, 16 Aug 2024 12:27:05 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
75f615f839dbf8cd2f4a3d58e44455f2
362b7a7d5cbe41d8a42cecec4ee755af0e07ddaf
2c4833330979b96ed12b3480367f00be397e9f9ccb35a088e7c79e92eb26cae4

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2C4833330979B96ED12B3480367F00BE397E9F9CCB35A088E7C79E92EB26CAE4"
Last-Modified: Fri, 16 Aug 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16035
Expires: Fri, 16 Aug 2024 16:54:20 GMT
Date: Fri, 16 Aug 2024 12:27:05 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
eb435b4378467bf9f584b418712258fa
a8b94ee7d74cf62a888adea6de0ce0c7ba5c8766
3dbfb39d8074780980022a696c1f4b402a56a3ee37146cc48382bc7748b07647

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3DBFB39D8074780980022A696C1F4B402A56A3EE37146CC48382BC7748B07647"
Last-Modified: Wed, 14 Aug 2024 21:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Fri, 16 Aug 2024 18:26:33 GMT
Date: Fri, 16 Aug 2024 12:27:06 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
3c14cfb85dc9ceb923d7d3c3648719d2
10ea83f83398870f50ca771216ad77bd95aa66cc
bc868b2a34fe0c66d7a2dc1754676cc4031891c797fdd23e82d135559bd82c1b

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BC868B2A34FE0C66D7A2DC1754676CC4031891C797FDD23E82D135559BD82C1B"
Last-Modified: Thu, 15 Aug 2024 09:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14597
Expires: Fri, 16 Aug 2024 16:30:24 GMT
Date: Fri, 16 Aug 2024 12:27:07 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
3c14cfb85dc9ceb923d7d3c3648719d2
10ea83f83398870f50ca771216ad77bd95aa66cc
bc868b2a34fe0c66d7a2dc1754676cc4031891c797fdd23e82d135559bd82c1b

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BC868B2A34FE0C66D7A2DC1754676CC4031891C797FDD23E82D135559BD82C1B"
Last-Modified: Thu, 15 Aug 2024 09:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14597
Expires: Fri, 16 Aug 2024 16:30:24 GMT
Date: Fri, 16 Aug 2024 12:27:07 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
3c14cfb85dc9ceb923d7d3c3648719d2
10ea83f83398870f50ca771216ad77bd95aa66cc
bc868b2a34fe0c66d7a2dc1754676cc4031891c797fdd23e82d135559bd82c1b

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "BC868B2A34FE0C66D7A2DC1754676CC4031891C797FDD23E82D135559BD82C1B"
Last-Modified: Thu, 15 Aug 2024 09:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14597
Expires: Fri, 16 Aug 2024 16:30:24 GMT
Date: Fri, 16 Aug 2024 12:27:07 GMT
Connection: keep-alive

GET ebay206.com/static/font/iconfont.ttf

47.76.150.106

200 OK

5.5 kB

URL GET HTTP/2
ebay206.com/static/font/iconfont.ttf
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, Created by iconfonticonfontRegulariconfonticonfontVersion 1.0iconfontGenerated by svg2ttf from F
Size
5.5 kB (5496 bytes)
Hash
3249f46da8efb8a57b8cd3753a5ae5de
e54d82890db0bc66a555466c7a9a411edba08058
188742ea0c37d65d2d86ba30a232283c17cbedc11d4b08d5562ee17ffa04c4f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/font/iconfont.ttf HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/static/css/app.css?v=1.1.1
Cookie: code=NS8UJH
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:08 GMT
content-type: application/octet-stream
content-length: 5496
last-modified: Fri, 23 Jun 2023 12:17:48 GMT
etag: "64958d6c-1578"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET ebay206.com/static/img/ebay.webp

47.76.150.106

200 OK

3.7 kB

URL GET HTTP/2
ebay206.com/static/img/ebay.webp
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.7 kB (3714 bytes)
Hash
13d2c11510af1e9b16df9241f2eca6cb
2963028dcbcdb929c5eb4db274782ffe8a6cf4cf
df01266ca317990cde80c9c880af35914618cf4488dc42340477591ff2f6155d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/img/ebay.webp HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:08 GMT
content-type: image/webp
content-length: 3714
last-modified: Fri, 23 Jun 2023 10:39:27 GMT
etag: "6495765f-e82"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET ebay206.com/favicon.ico

47.76.150.106

200 OK

34 kB

URL GET HTTP/2
ebay206.com/favicon.ico
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Size
34 kB (34494 bytes)
Hash
adb036f7e8512cca6399d6a05a2dfc6a
adb7eb7d387b539824bb9519d26b4e9234d4678e
a2e62a64b1141dcc0fe81b6bd8a7eb5809a5fd922892f7ed1d66b99f8eccc2f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:09 GMT
content-type: image/x-icon
content-length: 34494
last-modified: Wed, 10 Apr 2024 04:33:32 GMT
etag: "6616169c-86be"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET ebay206.com/favicon.ico

47.76.150.106

200 OK

34 kB

URL GET HTTP/2
ebay206.com/favicon.ico
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Size
34 kB (34494 bytes)
Hash
adb036f7e8512cca6399d6a05a2dfc6a
adb7eb7d387b539824bb9519d26b4e9234d4678e
a2e62a64b1141dcc0fe81b6bd8a7eb5809a5fd922892f7ed1d66b99f8eccc2f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:09 GMT
content-type: image/x-icon
content-length: 34494
last-modified: Wed, 10 Apr 2024 04:33:32 GMT
etag: "6616169c-86be"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET ebay206.com/static/font/Nunito.ttf

47.76.150.106

200 OK

265 kB

URL GET HTTP/2
ebay206.com/static/font/Nunito.ttf
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
TrueType Font data, 20 tables, 1st "GDEF", 27 names, Microsoft, language 0x409, Copyright 2014 The Nunito Project Authors (https://github.com/googlefonts/nunito)Nunito ExtraLig
Size
265 kB (265028 bytes)
Hash
0fb9f3205f8fef177195a78d37c11c0d
1e363fca63cee65061e39ed8fadc8a22675f9937
fada5f76a75c02cf30e2f2c43bbbdb644d830e6e0e24fb1e03a9561c1b7d11ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/font/Nunito.ttf HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/static/css/app.css?v=1.1.1
Cookie: code=NS8UJH
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:08 GMT
content-type: application/octet-stream
content-length: 265028
last-modified: Fri, 23 Jun 2023 10:39:38 GMT
etag: "6495766a-40b44"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET ebay206.com/static/css/app.css?v=1.1.1

47.76.150.106

200 OK

22 kB

URL GET HTTP/2
ebay206.com/static/css/app.css?v=1.1.1
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
ASCII text, with very long lines (21492)
Size
22 kB (21798 bytes)
Hash
37708032469f80a6c2bd285c1c157546
d761b2fa9d382f43a105bafdd1b3cd631348131c
b512269c066a979be95b0b72bec84415676f8fd8c731b5646b4d5a2e307018fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/app.css?v=1.1.1 HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:07 GMT
content-type: text/css
last-modified: Sun, 16 Jun 2024 10:55:49 GMT
vary: Accept-Encoding
etag: W/"666ec4b5-5526"
expires: Sat, 17 Aug 2024 00:27:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ebay206.com/static/js/app.js

47.76.150.106

200 OK

2.2 kB

URL GET HTTP/2
ebay206.com/static/js/app.js
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
JavaScript source, ASCII text, with very long lines (2283), with no line terminators
Size
2.2 kB (2211 bytes)
Hash
61c6b6096fd7b5134dac5423bfff46cd
dad88736d3d429787b427ab96ff402545b291f0c
b9fcd0e0adfbce1e189963aee84f55e0afb9fe1af66753541631351a79bc8115

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/app.js HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:07 GMT
content-type: application/javascript
last-modified: Sun, 02 Jun 2024 06:34:18 GMT
vary: Accept-Encoding
etag: W/"665c126a-8a3"
expires: Sat, 17 Aug 2024 00:27:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ebay206.com/static/js/paymentDialog.js

47.76.150.106

200 OK

12 kB

URL GET HTTP/2
ebay206.com/static/js/paymentDialog.js
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
JavaScript source, ASCII text, with very long lines (11522), with no line terminators
Size
12 kB (11522 bytes)
Hash
6006619ec9f2919b541f1a4252ade2d2
c089e360580b6bdb7d367222edcf8b57a545ff9c
fd63bf8c88c4e1f69e8e9af1bf816aaf06394045dc7ed250554c637bcdb2241f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/paymentDialog.js HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:07 GMT
content-type: application/javascript
last-modified: Mon, 25 Dec 2023 20:10:46 GMT
vary: Accept-Encoding
etag: W/"6589e1c6-2d02"
expires: Sat, 17 Aug 2024 00:27:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ebay206.com/invite/NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/...%20345%20...ex/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH

47.76.150.106

302 Found

2.5 kB

URL User Request GET HTTP/2
ebay206.com/invite/NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/...%20345%20...ex/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type

Size
2.5 kB (2519 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /invite/NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/...%20345%20...ex/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH/index/user/login.html?code=NS8UJH HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 16 Aug 2024 12:27:06 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache,must-revalidate
location: /index/user/login.html?code=NS8UJH
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

GET ebay206.com/static/css/paymentDialog.css

47.76.150.106

200 OK

4.7 kB

URL GET HTTP/2
ebay206.com/static/css/paymentDialog.css
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
ASCII text, with very long lines (4684), with no line terminators
Size
4.7 kB (4677 bytes)
Hash
969a9ea8a87ea65912105169996afab3
e816797ecaefb660aa65a7883b0c7348a79c592b
46be2a31512a8f78ec40b2becc72145b5fb36d5e7fd820acb358d84614e743dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/paymentDialog.css HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:07 GMT
content-type: text/css
last-modified: Fri, 23 Jun 2023 10:39:36 GMT
vary: Accept-Encoding
etag: W/"64957668-1245"
expires: Sat, 17 Aug 2024 00:27:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ebay206.com/static/js/picker.min.js

47.76.150.106

200 OK

28 kB

URL GET HTTP/2
ebay206.com/static/js/picker.min.js
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
JavaScript source, ASCII text, with very long lines (27583), with no line terminators
Size
28 kB (27583 bytes)
Hash
ec9fc799ac4e773e98d76c38d374f3ab
9544e548843986ceab4f9c73c8dc9b2426877ba3
226bbc3aba720ce26f474523a1a96457566f8f19adb56155e95e3309c90727a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/picker.min.js HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:07 GMT
content-type: application/javascript
last-modified: Mon, 25 Dec 2023 20:10:30 GMT
vary: Accept-Encoding
etag: W/"6589e1b6-6bbf"
expires: Sat, 17 Aug 2024 00:27:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ebay206.com/static/js/lazy.js

47.76.150.106

200 OK

7.9 kB

URL GET HTTP/2
ebay206.com/static/js/lazy.js
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
JavaScript source, ASCII text, with very long lines (8044), with no line terminators
Size
7.9 kB (7862 bytes)
Hash
e586f0c0c1896ee8ec8c31a4d1ecf30e
a811adbae79772299f8009af055fc8ebc26f4e9c
9d1b4a8ea7b5dd0a504e2ad2b43046d0d86ff5decf2a32aa12918be5c2550968

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/lazy.js HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:07 GMT
content-type: application/javascript
last-modified: Fri, 23 Jun 2023 10:39:33 GMT
vary: Accept-Encoding
etag: W/"64957665-1eb6"
expires: Sat, 17 Aug 2024 00:27:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ebay206.com/static/js/login.js

47.76.150.106

200 OK

2.6 kB

URL GET HTTP/2
ebay206.com/static/js/login.js
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://ebay206.com/index/user/login.html?code=NS8UJH
Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
JavaScript source, ASCII text, with very long lines (2732), with no line terminators
Size
2.6 kB (2555 bytes)
Hash
a4b587d6803ed0f173f82c52874c0732
7f5b7f4c920809293b466a39754e3be104c86c2a
035c44aa8340abcfec88b5c525d50181e12e8280c2613069df971fdf0f3f3f6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/login.js HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebay206.com/index/user/login.html?code=NS8UJH
Cookie: code=NS8UJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:07 GMT
content-type: application/javascript
last-modified: Sun, 16 Jun 2024 10:53:46 GMT
vary: Accept-Encoding
etag: W/"666ec43a-9fb"
expires: Sat, 17 Aug 2024 00:27:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ebay206.com/index/user/login.html?code=NS8UJH

47.76.150.106

200 OK

2.5 kB

URL User Request GET HTTP/2
ebay206.com/index/user/login.html?code=NS8UJH
IP
47.76.150.106:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectbananaa.top
FingerprintA0:B2:6A:86:2F:AE:BF:2F:AF:94:B7:B6:95:2F:12:24:45:A6:E8:52
ValidityTue, 30 Jul 2024 15:35:01 GMT - Mon, 28 Oct 2024 15:35:00 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2692), with no line terminators
Size
2.5 kB (2519 bytes)
Hash
21e1d93b714a17817662e120d622a0a7
8d63153f39b5bb4682eb9a14b0e5dd0d9940185c
a7bfc638ff5d51d1d30f5d4a75b2742eb57758586df0625251876bd4fb5bdd5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/user/login.html?code=NS8UJH HTTP/1.1
Host: ebay206.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 16 Aug 2024 12:27:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: code=NS8UJH; path=/
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (22)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN