cszx09.com
Open in
urlscan Pro
103.116.132.196
Malicious Activity!
Public Scan
Effective URL: https://cszx09.com/
Submission: On September 08 via api from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2020. Valid for: 9 months.
This is the only time cszx09.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bet365 (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 154.83.249.29 154.83.249.29 | 136800 (XIAOZHIYU...) (XIAOZHIYUN1-AS-AP ICIDC NETWORK) | |
2 | 103.235.46.191 103.235.46.191 | 55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.) | |
1 | 103.116.132.196 103.116.132.196 | 133448 (CHGPL-AS-...) (CHGPL-AS-AP Korea) | |
10 | 103.232.84.252 103.232.84.252 | 55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd) | |
1 | 175.100.207.230 175.100.207.230 | 9304 (HUTCHISON...) (HUTCHISON-AS-AP HGC Global Communications Limited) | |
22 | 5 |
ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US)
wuhansijiazhentan3.com |
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com |
ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
errorpage.zhushuqt.com |
ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)
pv.sohu.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
zhushuqt.com
errorpage.zhushuqt.com |
57 KB |
8 |
wuhansijiazhentan3.com
wuhansijiazhentan3.com |
44 KB |
2 |
baidu.com
hm.baidu.com |
15 KB |
1 |
sohu.com
pv.sohu.com |
239 B |
1 |
cszx09.com
cszx09.com |
3 KB |
22 | 5 |
Domain | Requested by | |
---|---|---|
10 | errorpage.zhushuqt.com |
cszx09.com
errorpage.zhushuqt.com |
8 | wuhansijiazhentan3.com |
wuhansijiazhentan3.com
|
2 | hm.baidu.com |
wuhansijiazhentan3.com
|
1 | pv.sohu.com |
cszx09.com
|
1 | cszx09.com |
wuhansijiazhentan3.com
|
22 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
a3105.live4000.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
baidu.com GlobalSign Organization Validation CA - SHA256 - G2 |
2020-04-02 - 2021-07-26 |
a year | crt.sh |
90525.com Sectigo RSA Domain Validation Secure Server CA |
2020-07-17 - 2021-04-18 |
9 months | crt.sh |
errorpage.zhushuqt.com Let's Encrypt Authority X3 |
2020-08-31 - 2020-11-29 |
3 months | crt.sh |
www.sohu.com Secure Site CA G2 |
2020-06-18 - 2021-09-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://cszx09.com/
Frame ID: 96479D87605D5B76DC21626425D42F03
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://wuhansijiazhentan3.com/ Page URL
- https://cszx09.com/ Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: 点击咨询
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://wuhansijiazhentan3.com/ Page URL
- https://cszx09.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
wuhansijiazhentan3.com/ |
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
view.css
wuhansijiazhentan3.com/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tj.js
wuhansijiazhentan3.com/js/ |
58 B 370 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tz.js
wuhansijiazhentan3.com/js/ |
258 B 572 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
221.jpg
wuhansijiazhentan3.com/pics/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.js
hm.baidu.com/ |
39 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
head_pic.gif
wuhansijiazhentan3.com/images/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homej_conbg3.gif
wuhansijiazhentan3.com/images/ |
14 KB 14 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homej_conbg.gif
wuhansijiazhentan3.com/images/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
cszx09.com/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.gif
hm.baidu.com/ |
43 B 299 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
errorpage.zhushuqt.com/error_page/css/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
errorpage.zhushuqt.com/error_page/css/ |
22 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.css
errorpage.zhushuqt.com/error_page/css/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr.js
errorpage.zhushuqt.com/error_page/js/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.1.3.min.js
errorpage.zhushuqt.com/error_page/js/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plugins.js
errorpage.zhushuqt.com/error_page/js/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
errorpage.zhushuqt.com/error_page/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cityjson
pv.sohu.com/ |
78 B 239 B |
Script
text/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
errorpage.zhushuqt.com/error_page/css/ |
0 226 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
errorpage.zhushuqt.com/error_page/css/font-awesome/css/ |
21 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-logo.png
errorpage.zhushuqt.com/error_page/images/ |
0 227 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bet365 (Entertainment)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| html5 object| Modernizr function| yepnope function| $ function| jQuery function| particleground object| returnCitySN object| ip406 object| url object| curDate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cszx09.com
errorpage.zhushuqt.com
hm.baidu.com
pv.sohu.com
wuhansijiazhentan3.com
103.116.132.196
103.232.84.252
103.235.46.191
154.83.249.29
175.100.207.230
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1b0af35b9a2018c6c8b959a903ddb17c08854090c13712417eb9910c58b97204
2d59ae2489a664e4e3ffcbed41a2af3226566d4533d1ade76ce8e26ecc25ffd9
3f5b8b3dcb9817903b9dce42e3107a97d5420abc8da53d8b2d149c2454ffc4be
40646c369a9937af219b54946d683ce29e31eb908eda4b604a152b443a793f37
486d98a75e563dde5b756816d32b1b7d9cc646350c0ed3ef9c539fb9c87912bc
4f1333f021a6f6c1386fbbb6d219d8345bc710d538e629660d2597a5c9598b5c
52658b6b1d866b1a305f8783dd717215bc378bbf188e827de181508a5b4faad5
880b7adea20370b2a2430b011dede0fd33530b7624c14bbc582a2d0be593c18c
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9fa34edac1ab75c182e20ce2523b1e827b360f5b5cfc62c8f8d6f9e52c6bbad2
ad2ae30dc61bbabaad503f1d38af527dba682ec88b182c524ea6d76792030337
ca610db3665be809c318e26cf2a8687a7d4ca05ece971e34759f3aaa70a90d98
d7a2b6e41ea22a67f083361171d12b61ea0e84650006d8d935f123cc339bcc75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e671c4fc96046fd4fc2f3bdea4455b4a1fe95e10c83dfa12e7f4a53e046ec0f4
fb3da5802d747e50055be36f663fc4ecf2db5b3628e724064e4ed1b8dc9486ac