ezw.eb520.com Open in urlscan Pro
104.160.174.175 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ezw.eb520.com/index.php
Submission Tags: phishtake
Submission: On February 06 via api (February 6th 2021, 10:33:25 am UTC) from JP

Summary HTTP 9 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 104.160.174.175, located in Las Vegas, United States and belongs to ST-BGP, US. The main domain is ezw.eb520.com.

This is the only time ezw.eb520.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.160.174.175 104.160.174.175	46844 (ST-BGP) (ST-BGP)
3 6	54.223.250.241 54.223.250.241	55960 (BJ-GUANGH...) (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital)
1	111.72.100.178 111.72.100.178	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	2401:b180:200... 2401:b180:2000:50::17	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
9	5

1 104.160.174.175 (Las Vegas, United States)

ASN46844 (ST-BGP, US)
PTR: reply.MOTORHOMEBIZ.COM

ezw.eb520.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.223.250.241 (Beijing, China) 3 redirects

ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN)
PTR: ec2-54-223-250-241.cn-north-1.compute.amazonaws.com.cn

www.4.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.72.100.178 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

s94.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2401:b180:2000:50::17 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

hzs3.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	4.cn 3 redirects www.4.cn	10 KB
2	cnzz.com s94.cnzz.com s13.cnzz.com Failed c.cnzz.com Failed hzs3.cnzz.com	5 KB
1	eb520.com ezw.eb520.com	3 KB
0	baidu.com Failed libs.baidu.com Failed
9	4

	Domain	Requested by
6	www.4.cn	3 redirects ezw.eb520.com
1	hzs3.cnzz.com	ezw.eb520.com
1	s94.cnzz.com	ezw.eb520.com
1	ezw.eb520.com
0	c.cnzz.com Failed	s94.cnzz.com
0	s13.cnzz.com Failed	ezw.eb520.com
0	libs.baidu.com Failed	ezw.eb520.com
9	7

This site contains links to these domains. Also see Links.

Domain
www.4.cn

Subject Issuer	Validity	Valid
www.4.cn GeoTrust EV RSA CA 2018	`2019-07-25` - `2021-08-09`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://ezw.eb520.com/index.php
Frame ID: C412D73F2D903D8B729631DA02538C93
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

33 %
HTTPS

25 %
IPv6

4
Domains

7
Subdomains

5
IPs

2
Countries

17 kB
Transfer

27 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.4.cn/search/detail/pid/13628585/ref/26623
Title: 点击这里

Search URL Search Domain Scan URL

URL: http://www.4.cn/escrow
Title: 点击这里查看

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.4.cn/www/layout/3/welcome.gif HTTP 301
https://www.4.cn/www/layout/3/welcome.gif

Request Chain 2

http://www.4.cn/www/layout/4/contact_img.gif HTTP 301
https://www.4.cn/www/layout/4/contact_img.gif

Request Chain 5

http://www.4.cn/www/layout/4/backimg.jpg HTTP 301
https://www.4.cn/www/layout/4/backimg.jpg

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response ezw.eb520.com/	7 KB 3 KB	1003ms 988ms	Document text/html	104.160.174.175 ST-BGP
General Check archive.org Show headers Download Go to Full URL http://ezw.eb520.com/index.php Protocol HTTP/1.1 Server 104.160.174.175 Las Vegas, United States, ASN46844 (ST-BGP, US), Reverse DNS reply.MOTORHOMEBIZ.COM Software nginx/1.17.10 / PHP/7.3.15 Resource Hash `1a7f784f7966d994a8c0fa8a90395e74651551f84353545ce23f8a2463f77c7c` Request headers Host ezw.eb520.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx/1.17.10 Date Sat, 06 Feb 2021 10:32:48 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Vary Accept-Encoding X-Powered-By PHP/7.3.15 Content-Encoding gzip
GET		jquery.js libs.baidu.com/jquery/1.9.0/	0 0

GET H2	200	welcome.gif www.4.cn/www/layout/3/ Redirect Chain http://www.4.cn/www/layout/3/welcome.gif https://www.4.cn/www/layout/3/welcome.gif	1 KB 1 KB	2791ms 1653ms	Image image/gif	54.223.250.241 BJ-GUANGHUAN-AP B...
General Check archive.org Show headers Download Go to Show image Full URL https://www.4.cn/www/layout/3/welcome.gif Requested by Host: ezw.eb520.com URL: http://ezw.eb520.com/index.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.223.250.241 Beijing, China, ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN), Reverse DNS ec2-54-223-250-241.cn-north-1.compute.amazonaws.com.cn Software nginx/1.16.1 / Resource Hash `20f278f4afb5a181d04831c85649c755f8757bdd30b4e5f35e89f888e083e0fe` Request headers Referer http://ezw.eb520.com/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 06 Feb 2021 10:32:52 GMT last-modified Thu, 15 Aug 2019 08:40:48 GMT server nginx/1.16.1 etag "5d551a90-426" content-type image/gif cache-control max-age=86400 accept-ranges bytes content-length 1062 expires Sun, 07 Feb 2021 10:32:52 GMT Redirect headers Location https://www.4.cn/www/layout/3/welcome.gif Date Sat, 06 Feb 2021 10:32:49 GMT Server nginx/1.16.1 Connection keep-alive Content-Length 169 Content-Type text/html
GET H2	200	contact_img.gif www.4.cn/www/layout/4/ Redirect Chain http://www.4.cn/www/layout/4/contact_img.gif https://www.4.cn/www/layout/4/contact_img.gif	4 KB 4 KB	345ms 344ms	Image image/gif	54.223.250.241 BJ-GUANGHUAN-AP B...
General Check archive.org Show headers Download Go to Show image Full URL https://www.4.cn/www/layout/4/contact_img.gif Requested by Host: ezw.eb520.com URL: http://ezw.eb520.com/index.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.223.250.241 Beijing, China, ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN), Reverse DNS ec2-54-223-250-241.cn-north-1.compute.amazonaws.com.cn Software nginx/1.16.1 / Resource Hash `1ba5145ea07cfc1eb9c970eaae0c853362fcd84d4dc0cc28378527244a9751c4` Request headers Referer http://ezw.eb520.com/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 06 Feb 2021 10:33:01 GMT last-modified Thu, 15 Aug 2019 08:40:48 GMT server nginx/1.16.1 etag "5d551a90-f8a" content-type image/gif cache-control max-age=86400 accept-ranges bytes content-length 3978 expires Sun, 07 Feb 2021 10:33:01 GMT Redirect headers Location https://www.4.cn/www/layout/4/contact_img.gif Date Sat, 06 Feb 2021 10:33:01 GMT Server nginx/1.16.1 Connection keep-alive Content-Length 169 Content-Type text/html
GET H/1.1	200 OK	stat.php Show response s94.cnzz.com/	12 KB 5 KB	712ms 659ms	Script application/javascript	111.72.100.178 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://s94.cnzz.com/stat.php?id=1794149&web_id=1794149&show=pic2 Requested by Host: ezw.eb520.com URL: http://ezw.eb520.com/index.php Protocol HTTP/1.1 Server 111.72.100.178 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `5a3ac574ad75f9e350f3221cb0e75d89c7a427d3b5cbd00da634b0da8ab5589a` Request headers Referer http://ezw.eb520.com/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 09:29:27 GMT Content-Encoding gzip Age 3805 X-Powered-By PHP/5.5.25 X-Cache HIT TCP_MEM_HIT dirn:-2:-2 X-Swift-CacheTime 2488 Connection keep-alive Content-Length 4085 Last-Modified Sat, 06 Feb 2021 09:29:27 GMT Server Tengine Vary Accept-Encoding Ali-Swift-Global-Savetime 1612603767 Content-Type application/javascript Via cache31.l2cn1809[0,200-0,H], cache31.l2cn1809[1,0], cache6.cn1826[0,200-0,H], cache5.cn1826[1,0] Cache-Control max-age=5400,s-maxage=5400 Timing-Allow-Origin * EagleId 6f48649916126075729991981e X-Swift-SaveTime Sat, 06 Feb 2021 10:17:59 GMT
GET		z_stat.php s13.cnzz.com/	0 0

GET H2	200	backimg.jpg www.4.cn/www/layout/4/ Redirect Chain http://www.4.cn/www/layout/4/backimg.jpg https://www.4.cn/www/layout/4/backimg.jpg	4 KB 4 KB	1019ms 1018ms	Image image/jpeg	54.223.250.241 BJ-GUANGHUAN-AP B...
General Check archive.org Show headers Download Go to Show image Full URL https://www.4.cn/www/layout/4/backimg.jpg Requested by Host: ezw.eb520.com URL: http://ezw.eb520.com/index.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.223.250.241 Beijing, China, ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN), Reverse DNS ec2-54-223-250-241.cn-north-1.compute.amazonaws.com.cn Software nginx/1.16.1 / Resource Hash `d16d911cc66420d8fba60b7202d84ede25bf1bb17c6a8dada902ca6876e62a60` Request headers Referer http://ezw.eb520.com/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 06 Feb 2021 10:33:02 GMT last-modified Thu, 15 Aug 2019 08:40:48 GMT server nginx/1.16.1 etag "5d551a90-eb5" content-type image/jpeg cache-control max-age=86400 accept-ranges bytes content-length 3765 expires Sun, 07 Feb 2021 10:33:02 GMT Redirect headers Location https://www.4.cn/www/layout/4/backimg.jpg Date Sat, 06 Feb 2021 10:33:02 GMT Server nginx/1.16.1 Connection keep-alive Content-Length 169 Content-Type text/html
GET		core.php c.cnzz.com/	0 0

GET H/1.1	200 OK	stat.htm hzs3.cnzz.com/	2 B 245 B	574ms 287ms	Image text/html	2401:b180:2000:50::17 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL http://hzs3.cnzz.com/stat.htm?id=1794149&r=&lg=en-us&ntime=none&cnzz_eid=1162913967-1612603767-&showp=1600x1200&p=http%3A%2F%2Fezw.eb520.com%2Findex.php&t=eb520.com%20-%20The%20domain%20is%20available%20for%20...&umuuid=17776e6eba8919-0c1d38d5304f7a-1b396256-1d4c00-17776e6eba99de&h=1&rnd=742919021 Requested by Host: ezw.eb520.com URL: http://ezw.eb520.com/index.php Protocol HTTP/1.1 Server 2401:b180:2000:50::17 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Tengine / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://ezw.eb520.com/index.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 06 Feb 2021 10:33:01 GMT Content-Encoding gzip Transfer-Encoding chunked Server Tengine Connection keep-alive Vary Accept-Encoding Content-Type text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: libs.baidu.com
URL: http://libs.baidu.com/jquery/1.9.0/jquery.js

Domain: s13.cnzz.com
URL: https://s13.cnzz.com/z_stat.php?id=707379&web_id=707379

Domain: c.cnzz.com
URL: http://c.cnzz.com/core.php?web_id=1794149&show=pic2&t=z

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.cnzz.com
ezw.eb520.com
hzs3.cnzz.com
libs.baidu.com
s13.cnzz.com
s94.cnzz.com
www.4.cn
c.cnzz.com
libs.baidu.com
s13.cnzz.com
104.160.174.175
111.72.100.178
2401:b180:2000:50::17
54.223.250.241
1a7f784f7966d994a8c0fa8a90395e74651551f84353545ce23f8a2463f77c7c
1ba5145ea07cfc1eb9c970eaae0c853362fcd84d4dc0cc28378527244a9751c4
20f278f4afb5a181d04831c85649c755f8757bdd30b4e5f35e89f888e083e0fe
5a3ac574ad75f9e350f3221cb0e75d89c7a427d3b5cbd00da634b0da8ab5589a
d16d911cc66420d8fba60b7202d84ede25bf1bb17c6a8dada902ca6876e62a60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ezw.eb520.com Open in urlscan Pro 104.160.174.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

33 %HTTPS

25 %IPv6

4 Domains

7 Subdomains

5 IPs

2 Countries

17 kBTransfer

27 kBSize

0 Cookies

2 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

ezw.eb520.com Open in urlscan Pro
104.160.174.175 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

33 %
HTTPS

25 %
IPv6

4
Domains

7
Subdomains

5
IPs

2
Countries

17 kB
Transfer

27 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions