www.ziao.site
172.120.184.43
Malicious Activity!
Public Scan
Effective URL: http://www.ziao.site/
Submission: On February 21 via api from DE
Summary
This is the only time www.ziao.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Citizens Bank (Banking)
Domain & IP information
| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 28 | 172.120.184.43 | 18779 (EGIHOSTING) |
| 1 | 2606:4700:3033::6812:3952 | 13335 (CLOUDFLARENET) |
| 1 | 2606:4700:3037::681f:5c63 | 13335 (CLOUDFLARENET) |
Totals: 30 requests, 4 entries
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 28 | ziao.site | ziao.site (1 redirects), www.ziao.site | 345 KB |
| 1 | avvgangan.com | avvgangan.com | |
| 1 | 456api.com | www.456api.com | 547 B |
| 0 | baidu.com (Failed) | push.zhanzhang.baidu.com (Failed) | |
Totals: 30 requests, 4 apex domains
| Requests | Domain | Requested by |
|---|---|---|
| 27 | www.ziao.site | www.ziao.site |
| 1 | avvgangan.com | www.ziao.site |
| 1 | www.456api.com | www.ziao.site |
| 1 | ziao.site | 1 redirects |
| 0 | push.zhanzhang.baidu.com (Failed) | www.ziao.site |
Totals: 30 requests, 5 domains
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-02-07 - 2020-10-09 | 8 months | crt.sh |
This page contains 2 frames:
- Primary Page: http://www.ziao.site/ (Frame ID: D15A911FE9EE492C4DB57726864B2606), 29 HTTP requests in this frame
- Frame: https://avvgangan.com/index.html (Frame ID: EB4A2235D895034BC455ACA4CACE8A86), 1 HTTP request in this frame
Screenshot
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers: server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ziao.site/
HTTP 301
http://www.ziao.site/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
| Method / Protocol | Resource Path | Size / x-fer | Type / MIME-Type |
|---|---|---|---|
| GET H/1.1 | / (www.ziao.site/) Primary Request, Redirect Chain | 163 KB / 23 KB | Document text/html |
| GET H/1.1 | 3-row-fixed-layout.css (www.ziao.site/iwov-resources/fixed-layout/) | 834 B / 1 KB | Stylesheet text/css |
| GET H/1.1 | main.css (www.ziao.site/assets/CB_resources/styles/) | 881 KB / 178 KB | Stylesheet text/css |
| GET H/1.1 | fonts-thehand.css (www.ziao.site/assets/CB_resources/styles/) | 764 B / 1 KB | Stylesheet text/css |
| GET H/1.1 | WCPT-3066_MR-QL-Styling.css (www.ziao.site/assets/CB_resources/styles/) | 351 B / 652 B | Stylesheet text/css |
| GET H/1.1 | tj.js (www.ziao.site/) | 0 / 154 B | Script application/x-javascript |
| GET H/1.1 | common.js (www.ziao.site/) | 4 KB / 2 KB | Script application/x-javascript |
| GET H/1.1 | logo.png (www.ziao.site/assets/CB_resources/images/) | 11 KB / 11 KB | Image image/png |
| GET H/1.1 | zelle-logo-notagline.png (www.ziao.site/assets/resources/images/landingpages/) | 29 KB / 29 KB | Image image/png |
| GET H/1.1 | ajax-loader.gif (www.ziao.site/assets/CB_media/images/) | 723 B / 1 KB | Image image/gif |
| GET H/1.1 | Facebook_29.png (www.ziao.site/assets/CB_resources/images/) | 18 KB / 18 KB | Image image/png |
| GET H/1.1 | Twitter_29.png (www.ziao.site/assets/CB_resources/images/) | 16 KB / 16 KB | Image image/png |
| GET H/1.1 | LinkedIn_29.png (www.ziao.site/assets/CB_resources/images/) | 16 KB / 16 KB | Image image/png |
| GET H/1.1 | YouTube-social-square-red_29.png (www.ziao.site/assets/CB_resources/images/) | 20 KB / 20 KB | Image image/png |
| GET H/1.1 | Instagram_29.png (www.ziao.site/assets/CB_resources/images/) | 17 KB / 17 KB | Image image/png |
| GET H/1.1 | elh.gif (www.ziao.site/assets/CB_media/images/) | 1 KB / 2 KB | Image image/gif |
| GET H/1.1 | fdicFooter.gif (www.ziao.site/assets/CB_media/images/) | 2 KB / 2 KB | Image image/gif |
| GET H/1.1 | eddata (www.456api.com/index.php/Article/) | 69 B / 547 B | XHR application/json |
| GET H/1.1 | citisanb-webfont.woff (www.ziao.site/assets/CB_resources/fonts/) | 493 B / 634 B | Font text/html |
| GET H/1.1 | citizens_iconfont.ttf (www.ziao.site/assets/CB_resources/fonts/) | 489 B / 630 B | Font text/html |
| GET H/1.1 | citisa01-webfont.woff (www.ziao.site/assets/CB_resources/fonts/) | 493 B / 634 B | Font text/html |
| GET H/1.1 | citisani-webfont.woff (www.ziao.site/assets/CB_resources/fonts/) | 493 B / 634 B | Font text/html |
| GET H/1.1 | citisa02-webfont.woff (www.ziao.site/assets/CB_resources/fonts/) | 493 B / 634 B | Font text/html |
| GET | push.js (push.zhanzhang.baidu.com/) | 0 / 0 | (no response) |
| GET H2 | index.html (avvgangan.com/) Frame EB4A | 0 / 0 | Document text/html |
| GET H/1.1 | citisanb-webfont.ttf (www.ziao.site/assets/CB_resources/fonts/) | 489 B / 630 B | Font text/html |
| GET H/1.1 | citizens_iconfont.woff (www.ziao.site/assets/CB_resources/fonts/) | 493 B / 634 B | Font text/html |
| GET H/1.1 | citisa01-webfont.ttf (www.ziao.site/assets/CB_resources/fonts/) | 489 B / 630 B | Font text/html |
| GET H/1.1 | citisani-webfont.ttf (www.ziao.site/assets/CB_resources/fonts/) | 489 B / 630 B | Font text/html |
| GET H/1.1 | citisa02-webfont.ttf (www.ziao.site/assets/CB_resources/fonts/) | 489 B / 630 B | Font text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: push.zhanzhang.baidu.com
- URL: http://push.zhanzhang.baidu.com/push.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Citizens Bank (Banking)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| string | edcode |
| string | titlestr |
| string | innerWeb |
| function | getData |
| function | setFrame |
| function | setCookie |
| function | getCookie |
| function | ajax |
| function | formatParams |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.