cszx09.com Open in urlscan Pro
103.116.132.196 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wuhansijiazhentan3.com/
Effective URL:
https://cszx09.com/
Submission: On September 08 via api (September 8th 2020, 11:51:55 am UTC) from US

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 103.116.132.196, located in China and belongs to CHGPL-AS-AP Korea, HK. The main domain is cszx09.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2020. Valid for: 9 months.

This is the only time cszx09.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bet365 (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
8	154.83.249.29 154.83.249.29	136800 (XIAOZHIYU...) (XIAOZHIYUN1-AS-AP ICIDC NETWORK)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	103.116.132.196 103.116.132.196	133448 (CHGPL-AS-...) (CHGPL-AS-AP Korea)
10	103.232.84.252 103.232.84.252	55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd)
1	175.100.207.230 175.100.207.230	9304 (HUTCHISON...) (HUTCHISON-AS-AP HGC Global Communications Limited)
22	5

8 154.83.249.29 (United States)

ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US)

wuhansijiazhentan3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.116.132.196 (China)

ASN133448 (CHGPL-AS-AP Korea, HK)

cszx09.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 103.232.84.252 (Hong Kong)

ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)

errorpage.zhushuqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.100.207.230 (Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)

pv.sohu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	zhushuqt.com errorpage.zhushuqt.com	57 KB
8	wuhansijiazhentan3.com wuhansijiazhentan3.com	44 KB
2	baidu.com hm.baidu.com	15 KB
1	sohu.com pv.sohu.com	239 B
1	cszx09.com cszx09.com	3 KB
22	5

	Domain	Requested by
10	errorpage.zhushuqt.com	cszx09.com errorpage.zhushuqt.com
8	wuhansijiazhentan3.com	wuhansijiazhentan3.com
2	hm.baidu.com	wuhansijiazhentan3.com
1	pv.sohu.com	cszx09.com
1	cszx09.com	wuhansijiazhentan3.com
22	5

This site contains links to these domains. Also see Links.

Domain
a3105.live4000.com

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-04-02` - `2021-07-26`	a year	crt.sh
90525.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-17` - `2021-04-18`	9 months	crt.sh
errorpage.zhushuqt.com Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
www.sohu.com Secure Site CA G2	`2020-06-18` - `2021-09-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cszx09.com/
Frame ID: 96479D87605D5B76DC21626425D42F03
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://wuhansijiazhentan3.com/ Page URL
https://cszx09.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22
Requests

64 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

119 kB
Transfer

275 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://a3105.live4000.com/Chat/Chat?userID=&userName=
Title: 点击咨询

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wuhansijiazhentan3.com/ Page URL
https://cszx09.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
wuhansijiazhentan3.com/ 8 KB
4 KB 1528ms
429ms Document
text/html 154.83.249.29
XIAOZHIYUN1-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://wuhansijiazhentan3.com/
Protocol: HTTP/1.1
Server: 154.83.249.29 , United States, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software: nginx /
Resource Hash: 486d98a75e563dde5b756816d32b1b7d9cc646350c0ed3ef9c539fb9c87912bc

Request headers

Host: wuhansijiazhentan3.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Tue, 08 Sep 2020 11:51:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK view.css
wuhansijiazhentan3.com/css/ 6 KB
2 KB 229ms
228ms Stylesheet
text/css 154.83.249.29
XIAOZHIYUN1-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://wuhansijiazhentan3.com/css/view.css
Requested by: Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/
Protocol: HTTP/1.1
Server: 154.83.249.29 , United States, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b0af35b9a2018c6c8b959a903ddb17c08854090c13712417eb9910c58b97204

Request headers

Referer: http://wuhansijiazhentan3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Aug 2019 09:22:36 GMT
Server: nginx
ETag: W/"5d512fdc-16e8"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 08 Sep 2020 23:51:34 GMT

GET
H/1.1 200
OK tj.js Show response
wuhansijiazhentan3.com/js/ 58 B
370 B 451ms
426ms Script
application/javascript 154.83.249.29
XIAOZHIYUN1-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://wuhansijiazhentan3.com/js/tj.js
Requested by: Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/
Protocol: HTTP/1.1
Server: 154.83.249.29 , United States, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software: nginx /
Resource Hash: e671c4fc96046fd4fc2f3bdea4455b4a1fe95e10c83dfa12e7f4a53e046ec0f4

Request headers

Referer: http://wuhansijiazhentan3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:34 GMT
Last-Modified: Sun, 16 Aug 2020 07:38:27 GMT
Server: nginx
ETag: "5f38e273-3a"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58
Expires: Tue, 08 Sep 2020 23:51:34 GMT

GET
H/1.1 200
OK tz.js Show response
wuhansijiazhentan3.com/js/ 258 B
572 B 449ms
424ms Script
application/javascript 154.83.249.29
XIAOZHIYUN1-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: http://wuhansijiazhentan3.com/js/tz.js
Requested by: Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/
Protocol: HTTP/1.1
Server: 154.83.249.29 , United States, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software: nginx /
Resource Hash: ad2ae30dc61bbabaad503f1d38af527dba682ec88b182c524ea6d76792030337

Request headers

Referer: http://wuhansijiazhentan3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:34 GMT
Last-Modified: Fri, 24 Jul 2020 11:08:13 GMT
Server: nginx
ETag: "5f1ac11d-102"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 258
Expires: Tue, 08 Sep 2020 23:51:34 GMT

GET
H/1.1 200
OK 221.jpg
wuhansijiazhentan3.com/pics/ 12 KB
12 KB 219ms
219ms Image
image/jpeg 154.83.249.29
XIAOZHIYUN1-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wuhansijiazhentan3.com/pics/221.jpg
Requested by: Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/
Protocol: HTTP/1.1
Server: 154.83.249.29 , United States, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d59ae2489a664e4e3ffcbed41a2af3226566d4533d1ade76ce8e26ecc25ffd9

Request headers

Referer: http://wuhansijiazhentan3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:35 GMT
Last-Modified: Fri, 18 Apr 2014 20:16:16 GMT
Server: nginx
ETag: "53518810-2f7f"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12159
Expires: Thu, 08 Oct 2020 11:51:35 GMT

GET
H/1.1 200
OK hm.js
hm.baidu.com/ 39 KB
14 KB 1105ms
541ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?574e6aa34066dd6ea9e446dd66e4f41b

Requested by

Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/js/tz.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://wuhansijiazhentan3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:35 GMT
Content-Encoding: gzip
Server: apache
Etag: fb19cdf43a765534acee206d3b16c80a
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14030

GET
H/1.1 200
OK head_pic.gif
wuhansijiazhentan3.com/images/ 9 KB
9 KB 220ms
220ms Image
image/gif 154.83.249.29
XIAOZHIYUN1-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wuhansijiazhentan3.com/images/head_pic.gif
Requested by: Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/css/view.css
Protocol: HTTP/1.1
Server: 154.83.249.29 , United States, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software: nginx /
Resource Hash: 52658b6b1d866b1a305f8783dd717215bc378bbf188e827de181508a5b4faad5

Request headers

Referer: http://wuhansijiazhentan3.com/css/view.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:35 GMT
Last-Modified: Mon, 12 Aug 2019 09:34:06 GMT
Server: nginx
ETag: "5d51328e-2213"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8723
Expires: Thu, 08 Oct 2020 11:51:35 GMT

GET
H/1.1 200
OK homej_conbg3.gif
wuhansijiazhentan3.com/images/ 14 KB
14 KB 257ms
256ms Image
text/html 154.83.249.29
XIAOZHIYUN1-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wuhansijiazhentan3.com/images/homej_conbg3.gif
Requested by: Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/css/view.css
Protocol: HTTP/1.1
Server: 154.83.249.29 , United States, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://wuhansijiazhentan3.com/css/view.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 200
OK homej_conbg.gif
wuhansijiazhentan3.com/images/ 3 KB
3 KB 438ms
424ms Image
text/html 154.83.249.29
XIAOZHIYUN1-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://wuhansijiazhentan3.com/images/homej_conbg.gif
Requested by: Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/css/view.css
Protocol: HTTP/1.1
Server: 154.83.249.29 , United States, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://wuhansijiazhentan3.com/css/view.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 406
Not Acceptable Primary Request / Show response
cszx09.com/ 3 KB
3 KB 2648ms
301ms Document
text/html 103.116.132.196
CHGPL-AS-AP Korea

General

Check archive.org

Show headers Download Go to

Full URL: https://cszx09.com/
Requested by: Host: wuhansijiazhentan3.com
URL: http://wuhansijiazhentan3.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.116.132.196 , China, ASN133448 (CHGPL-AS-AP Korea, HK),
Reverse DNS
Software: nginx /
Resource Hash: fb3da5802d747e50055be36f663fc4ecf2db5b3628e724064e4ed1b8dc9486ac

Request headers

Host: cszx09.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://wuhansijiazhentan3.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://wuhansijiazhentan3.com/

Response headers

Server: nginx
Date: Tue, 08 Sep 2020 11:51:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 3114
Connection: keep-alive
ETag: "5f5708ce-c2a"

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 366ms
366ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=710819502&si=574e6aa34066dd6ea9e446dd66e4f41b&v=1.2.76&lv=1&sn=53152&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwuhansijiazhentan3.com%2F&tt=%E6%BE%B3%E9%97%A8%E4%B8%89%E4%B9%90%E5%BD%A9%E6%80%BB%E7%AB%99_%E6%BE%B3%E9%97%A8%E5%BD%A9%E5%BC%80%E5%A5%96%E5%8F%B7%E7%A0%81

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://wuhansijiazhentan3.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Sep 2020 11:51:36 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK base.css
errorpage.zhushuqt.com/error_page/css/ 11 KB
3 KB 843ms
192ms Stylesheet
text/css 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/css/base.css
Requested by: Host: cszx09.com
URL: https://cszx09.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: 4f1333f021a6f6c1386fbbb6d219d8345bc710d538e629660d2597a5c9598b5c

Request headers

Referer: https://cszx09.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 05:20:07 GMT
Server: nginx
ETag: W/"5cc68987-2d49"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK main.css
errorpage.zhushuqt.com/error_page/css/ 22 KB
5 KB 844ms
193ms Stylesheet
text/css 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/css/main.css
Requested by: Host: cszx09.com
URL: https://cszx09.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: 3f5b8b3dcb9817903b9dce42e3107a97d5420abc8da53d8b2d149c2454ffc4be

Request headers

Referer: https://cszx09.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 05:20:07 GMT
Server: nginx
ETag: W/"5cc68987-595f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK vendor.css
errorpage.zhushuqt.com/error_page/css/ 11 KB
2 KB 844ms
193ms Stylesheet
text/css 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/css/vendor.css
Requested by: Host: cszx09.com
URL: https://cszx09.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: d7a2b6e41ea22a67f083361171d12b61ea0e84650006d8d935f123cc339bcc75

Request headers

Referer: https://cszx09.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 05:20:07 GMT
Server: nginx
ETag: W/"5cc68987-2da5"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK modernizr.js Show response
errorpage.zhushuqt.com/error_page/js/ 8 KB
4 KB 845ms
192ms Script
application/javascript 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/js/modernizr.js
Requested by: Host: cszx09.com
URL: https://cszx09.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: 40646c369a9937af219b54946d683ce29e31eb908eda4b604a152b443a793f37

Request headers

Referer: https://cszx09.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 05:20:07 GMT
Server: nginx
ETag: W/"5cc68987-1e51"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK jquery-2.1.3.min.js Show response
errorpage.zhushuqt.com/error_page/js/ 82 KB
29 KB 1028ms
375ms Script
application/javascript 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/js/jquery-2.1.3.min.js
Requested by: Host: cszx09.com
URL: https://cszx09.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

Referer: https://cszx09.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 05:20:07 GMT
Server: nginx
ETag: W/"5cc68987-14960"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK plugins.js Show response
errorpage.zhushuqt.com/error_page/js/ 22 KB
8 KB 898ms
212ms Script
application/javascript 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/js/plugins.js
Requested by: Host: cszx09.com
URL: https://cszx09.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: ca610db3665be809c318e26cf2a8687a7d4ca05ece971e34759f3aaa70a90d98

Request headers

Referer: https://cszx09.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 22 Sep 2019 02:52:48 GMT
Server: nginx
ETag: W/"5d86e200-561b"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK main.js Show response
errorpage.zhushuqt.com/error_page/js/ 4 KB
1 KB 1040ms
194ms Script
application/javascript 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/js/main.js
Requested by: Host: cszx09.com
URL: https://cszx09.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: 9fa34edac1ab75c182e20ce2523b1e827b360f5b5cfc62c8f8d6f9e52c6bbad2

Request headers

Referer: https://cszx09.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 05:20:07 GMT
Server: nginx
ETag: W/"5cc68987-e42"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H2 200 cityjson Show response
pv.sohu.com/ 78 B
239 B 651ms
238ms Script
text/json 175.100.207.230
HUTCHISON-AS-AP H...

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.sohu.com/cityjson?ie=utf-8
Requested by: Host: cszx09.com
URL: https://cszx09.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 175.100.207.230 , Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software: nginx/1.0.15 /
Resource Hash: 880b7adea20370b2a2430b011dede0fd33530b7624c14bbc582a2d0be593c18c

Request headers

Referer: https://cszx09.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 08 Sep 2020 11:51:39 GMT
fss-proxy: Powered by 2789026.4165292.3543479, Powered by 11681416.19283602.15091964
server: nginx/1.0.15
content-length: 78
content-type: text/json; charset=utf-8

GET
H/1.1 200
OK fonts.css
errorpage.zhushuqt.com/error_page/css/ 0
226 B 194ms
193ms Stylesheet
text/css 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/css/fonts.css
Requested by: Host: errorpage.zhushuqt.com
URL: https://errorpage.zhushuqt.com/error_page/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://errorpage.zhushuqt.com/error_page/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Last-Modified: Sun, 22 Sep 2019 02:52:10 GMT
Server: nginx
ETag: "5d86e1da-0"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK font-awesome.min.css
errorpage.zhushuqt.com/error_page/css/font-awesome/css/ 21 KB
5 KB 194ms
193ms Stylesheet
text/css 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL: https://errorpage.zhushuqt.com/error_page/css/font-awesome/css/font-awesome.min.css
Requested by: Host: errorpage.zhushuqt.com
URL: https://errorpage.zhushuqt.com/error_page/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

Referer: https://errorpage.zhushuqt.com/error_page/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2019 05:20:07 GMT
Server: nginx
ETag: W/"5cc68987-55e0"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK main-logo.png
errorpage.zhushuqt.com/error_page/images/ 0
227 B 193ms
192ms Image
image/png 103.232.84.252
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://errorpage.zhushuqt.com/error_page/images/main-logo.png
Requested by: Host: errorpage.zhushuqt.com
URL: https://errorpage.zhushuqt.com/error_page/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.232.84.252 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://errorpage.zhushuqt.com/error_page/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 08 Sep 2020 11:51:39 GMT
Last-Modified: Sun, 22 Sep 2019 02:53:56 GMT
Server: nginx
ETag: "5d86e244-0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cszx09.com
errorpage.zhushuqt.com
hm.baidu.com
pv.sohu.com
wuhansijiazhentan3.com
103.116.132.196
103.232.84.252
103.235.46.191
154.83.249.29
175.100.207.230
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1b0af35b9a2018c6c8b959a903ddb17c08854090c13712417eb9910c58b97204
2d59ae2489a664e4e3ffcbed41a2af3226566d4533d1ade76ce8e26ecc25ffd9
3f5b8b3dcb9817903b9dce42e3107a97d5420abc8da53d8b2d149c2454ffc4be
40646c369a9937af219b54946d683ce29e31eb908eda4b604a152b443a793f37
486d98a75e563dde5b756816d32b1b7d9cc646350c0ed3ef9c539fb9c87912bc
4f1333f021a6f6c1386fbbb6d219d8345bc710d538e629660d2597a5c9598b5c
52658b6b1d866b1a305f8783dd717215bc378bbf188e827de181508a5b4faad5
880b7adea20370b2a2430b011dede0fd33530b7624c14bbc582a2d0be593c18c
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9fa34edac1ab75c182e20ce2523b1e827b360f5b5cfc62c8f8d6f9e52c6bbad2
ad2ae30dc61bbabaad503f1d38af527dba682ec88b182c524ea6d76792030337
ca610db3665be809c318e26cf2a8687a7d4ca05ece971e34759f3aaa70a90d98
d7a2b6e41ea22a67f083361171d12b61ea0e84650006d8d935f123cc339bcc75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e671c4fc96046fd4fc2f3bdea4455b4a1fe95e10c83dfa12e7f4a53e046ec0f4
fb3da5802d747e50055be36f663fc4ecf2db5b3628e724064e4ed1b8dc9486ac

cszx09.com Open in urlscan Pro 103.116.132.196 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

64 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

119 kBTransfer

275 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

cszx09.com Open in urlscan Pro
103.116.132.196 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

64 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

119 kB
Transfer

275 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!