www.ziao.site Open in urlscan Pro
172.120.184.43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ziao.site/
Effective URL:
http://www.ziao.site/
Submission: On February 21 via api (February 21st 2020, 6:06:58 am UTC) from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 30 HTTP transactions. The main IP is 172.120.184.43, located in San Jose, United States and belongs to EGIHOSTING, US. The main domain is www.ziao.site.

This is the only time www.ziao.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 28	172.120.184.43 172.120.184.43	18779 (EGIHOSTING) (EGIHOSTING)
1	2606:4700:303... 2606:4700:3033::6812:3952	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::681f:5c63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	4

28 172.120.184.43 (San Jose, United States) 1 redirects

ASN18779 (EGIHOSTING, US)

ziao.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ziao.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6812:3952 (United States)

ASN13335 (CLOUDFLARENET, US)

www.456api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::681f:5c63 (United States)

ASN13335 (CLOUDFLARENET, US)

avvgangan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	ziao.site 1 redirects ziao.site www.ziao.site	345 KB
1	avvgangan.com avvgangan.com
1	456api.com www.456api.com	547 B
0	baidu.com Failed push.zhanzhang.baidu.com Failed
30	4

	Domain	Requested by
27	www.ziao.site	www.ziao.site
1	avvgangan.com	www.ziao.site
1	www.456api.com	www.ziao.site
1	ziao.site	1 redirects
0	push.zhanzhang.baidu.com Failed	www.ziao.site
30	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-07` - `2020-10-09`	8 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.ziao.site/
Frame ID: D15A911FE9EE492C4DB57726864B2606
Requests: 29 HTTP requests in this frame

Frame: https://avvgangan.com/index.html
Frame ID: EB4A2235D895034BC455ACA4CACE8A86
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ziao.site/ HTTP 301
http://www.ziao.site/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

30
Requests

3 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

345 kB
Transfer

1184 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ziao.site/ HTTP 301
http://www.ziao.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.ziao.site/ Redirect Chain http://ziao.site/ http://www.ziao.site/	163 KB 23 KB	9257ms 565ms	Document text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `d3f2177350e3e05865cc1ffcf316735980d4c870aca64d528dd600314ebca6f2` Request headers Host www.ziao.site Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Fri, 21 Feb 2020 06:06:43 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Content-Encoding gzip Redirect headers Server nginx Date Fri, 21 Feb 2020 06:06:34 GMT Content-Type text/html Content-Length 0 Connection keep-alive Location http://www.ziao.site/
GET H/1.1	200 OK	3-row-fixed-layout.css www.ziao.site/iwov-resources/fixed-layout/	834 B 1 KB	315ms 300ms	Stylesheet text/css	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/iwov-resources/fixed-layout/3-row-fixed-layout.css Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `1fe373ebd7829b9c7dea4a93455e6a9d1b267d772f376f7a94236914c264e3d8` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Last-Modified Mon, 10 Feb 2020 19:57:42 GMT Server nginx ETag "5e41b5b6-342" Content-Type text/css Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 834 Expires Wed, 26 Feb 2020 06:06:44 GMT
GET H/1.1	200 OK	main.css www.ziao.site/assets/CB_resources/styles/	881 KB 178 KB	326ms 312ms	Stylesheet text/css	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/styles/main.css Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `1ed4bfe8eeaf52c2f762a089dd1e40780905929cfb13501d22986404f6e6441b` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Content-Encoding gzip Last-Modified Mon, 10 Feb 2020 19:57:42 GMT Server nginx ETag W/"5e41b5b6-dc543" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=432000 Transfer-Encoding chunked Connection keep-alive Expires Wed, 26 Feb 2020 06:06:44 GMT
GET H/1.1	200 OK	fonts-thehand.css www.ziao.site/assets/CB_resources/styles/	764 B 1 KB	371ms 356ms	Stylesheet text/css	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/styles/fonts-thehand.css Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `495cde841925bff94d37a9233db08a0acaaa8c91b0c0d27d71d550dc33eee9d8` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Last-Modified Mon, 10 Feb 2020 19:57:42 GMT Server nginx ETag "5e41b5b6-2fc" Content-Type text/css Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 764 Expires Wed, 26 Feb 2020 06:06:44 GMT
GET H/1.1	200 OK	WCPT-3066_MR-QL-Styling.css www.ziao.site/assets/CB_resources/styles/	351 B 652 B	315ms 301ms	Stylesheet text/css	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/styles/WCPT-3066_MR-QL-Styling.css Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `cd1796024b7043ced3dc9b850033cca707bb344bfc8378b166eaea92098dc098` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Last-Modified Mon, 10 Feb 2020 19:57:42 GMT Server nginx ETag "5e41b5b6-15f" Content-Type text/css Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 351 Expires Wed, 26 Feb 2020 06:06:44 GMT
GET H/1.1	200 OK	tj.js Show response www.ziao.site/	0 154 B	373ms 359ms	Script application/x-javascript	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/tj.js Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Server nginx Connection keep-alive Content-Length 0 Content-Type application/x-javascript
GET H/1.1	200 OK	common.js Show response www.ziao.site/	4 KB 2 KB	475ms 160ms	Script application/x-javascript	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/common.js Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `93cb50adfcb4eeecf03f996d9810c4cdd866f1bb49de6455f94f35055ec1c209` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Content-Encoding gzip Transfer-Encoding chunked Server nginx Connection keep-alive Vary Accept-Encoding Content-Type application/x-javascript
GET H/1.1	200 OK	logo.png www.ziao.site/assets/CB_resources/images/	11 KB 11 KB	159ms 158ms	Image image/png	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_resources/images/logo.png Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `71b7558b87c1fbb61778351a30569d9219c95ed4cda9bdacc44bc44ea5c307fe` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Last-Modified Mon, 10 Feb 2020 19:57:43 GMT Server nginx ETag "5e41b5b7-2af6" Content-Type image/png Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 10998 Expires Wed, 26 Feb 2020 06:06:44 GMT
GET H/1.1	200 OK	zelle-logo-notagline.png www.ziao.site/assets/resources/images/landingpages/	29 KB 29 KB	215ms 159ms	Image image/png	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/resources/images/landingpages/zelle-logo-notagline.png Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `1fa693ae2c0a1e2e9f7e37696e6f2b3584e505624b2a6dea4cca2f21e341f071` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Last-Modified Mon, 10 Feb 2020 19:57:43 GMT Server nginx ETag "5e41b5b7-7340" Content-Type image/png Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 29504 Expires Wed, 26 Feb 2020 06:06:44 GMT
GET H/1.1	200 OK	ajax-loader.gif www.ziao.site/assets/CB_media/images/	723 B 1 KB	157ms 157ms	Image image/gif	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_media/images/ajax-loader.gif Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `1699319d1a0e97bc5dab1f23467264b58c0ae190c5554892b675ae348e2b88e0` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Last-Modified Mon, 10 Feb 2020 19:57:43 GMT Server nginx ETag "5e41b5b7-2d3" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 723 Expires Wed, 26 Feb 2020 06:06:44 GMT
GET H/1.1	200 OK	Facebook_29.png www.ziao.site/assets/CB_resources/images/	18 KB 18 KB	157ms 157ms	Image image/png	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_resources/images/Facebook_29.png Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `d2a5d46cd523cccd28b7939104e59a582c146755792fe2ea5a62321829290d3d` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Last-Modified Mon, 10 Feb 2020 19:57:43 GMT Server nginx ETag "5e41b5b7-4701" Content-Type image/png Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 18177 Expires Wed, 26 Feb 2020 06:06:45 GMT
GET H/1.1	200 OK	Twitter_29.png www.ziao.site/assets/CB_resources/images/	16 KB 16 KB	160ms 159ms	Image image/png	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_resources/images/Twitter_29.png Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `d4d0a32e8679ef3475c912356d9aede3bc9f500d0f060db73041772226e292da` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Last-Modified Mon, 10 Feb 2020 19:57:43 GMT Server nginx ETag "5e41b5b7-3e88" Content-Type image/png Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 16008 Expires Wed, 26 Feb 2020 06:06:45 GMT
GET H/1.1	200 OK	LinkedIn_29.png www.ziao.site/assets/CB_resources/images/	16 KB 16 KB	159ms 158ms	Image image/png	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_resources/images/LinkedIn_29.png Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `022607e7a40c0072407d35e7100546fb2478abf5536c71afcc61f1495ec62784` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Last-Modified Mon, 10 Feb 2020 19:57:43 GMT Server nginx ETag "5e41b5b7-3eda" Content-Type image/png Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 16090 Expires Wed, 26 Feb 2020 06:06:45 GMT
GET H/1.1	200 OK	YouTube-social-square-red_29.png www.ziao.site/assets/CB_resources/images/	20 KB 20 KB	158ms 158ms	Image image/png	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_resources/images/YouTube-social-square-red_29.png Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `cdf2dd47026a05fc5a361b2cdcaacd13a50b94c9a3141b99e5e183da050f9acb` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Last-Modified Mon, 10 Feb 2020 19:57:44 GMT Server nginx ETag "5e41b5b8-4feb" Content-Type image/png Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 20459 Expires Wed, 26 Feb 2020 06:06:45 GMT
GET H/1.1	200 OK	Instagram_29.png www.ziao.site/assets/CB_resources/images/	17 KB 17 KB	165ms 164ms	Image image/png	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_resources/images/Instagram_29.png Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `bb56f903205f7b0ab35c2b0f44949156c1a726725b9d0fbe56e8a2f6c439501d` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Last-Modified Mon, 10 Feb 2020 19:57:44 GMT Server nginx ETag "5e41b5b8-42f6" Content-Type image/png Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 17142 Expires Wed, 26 Feb 2020 06:06:45 GMT
GET H/1.1	200 OK	elh.gif www.ziao.site/assets/CB_media/images/	1 KB 2 KB	163ms 162ms	Image image/gif	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_media/images/elh.gif Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Last-Modified Mon, 10 Feb 2020 19:57:44 GMT Server nginx ETag "5e41b5b8-599" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 1433 Expires Wed, 26 Feb 2020 06:06:45 GMT
GET H/1.1	200 OK	fdicFooter.gif www.ziao.site/assets/CB_media/images/	2 KB 2 KB	161ms 160ms	Image image/gif	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Show image Full URL http://www.ziao.site/assets/CB_media/images/fdicFooter.gif Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d` Request headers Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Last-Modified Mon, 10 Feb 2020 19:57:44 GMT Server nginx ETag "5e41b5b8-8c5" Content-Type image/gif Cache-Control max-age=432000 Connection keep-alive Accept-Ranges bytes Content-Length 2245 Expires Wed, 26 Feb 2020 06:06:45 GMT
GET H/1.1	200 OK	eddata Show response www.456api.com/index.php/Article/	69 B 547 B	172ms 159ms	XHR application/json	2606:4700:3033::6812:3952 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://www.456api.com/index.php/Article/eddata?zq=zq_kf&val=smplink&t=0.18075922345972506?v=03509060907359074 Requested by Host: www.ziao.site URL: http://www.ziao.site/common.js Protocol HTTP/1.1 Server 2606:4700:3033::6812:3952 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `69034911b24cd9e64ef82888676650f5d63b0fcbb8e18d29e1d3bc75a1772153` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:44 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Server cloudflare Transfer-Encoding chunked Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive CF-RAY 568689367a9dc2d6-FRA
GET H/1.1	200 OK	citisanb-webfont.woff www.ziao.site/assets/CB_resources/fonts/	493 B 634 B	183ms 161ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citisanb-webfont.woff Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `0f74da960baffaaf2e72ad22a0ed57c17b07e870fe9ae20520880fc0499ad293` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 493 Content-Type text/html
GET H/1.1	200 OK	citizens_iconfont.ttf www.ziao.site/assets/CB_resources/fonts/	489 B 630 B	266ms 159ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citizens_iconfont.ttf Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `950270ebeccc670b32a9909d56ff9c21087258d4dd847e8deb1afda868023390` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 489 Content-Type text/html
GET H/1.1	200 OK	citisa01-webfont.woff www.ziao.site/assets/CB_resources/fonts/	493 B 634 B	294ms 159ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citisa01-webfont.woff Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `0f74da960baffaaf2e72ad22a0ed57c17b07e870fe9ae20520880fc0499ad293` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 493 Content-Type text/html
GET H/1.1	200 OK	citisani-webfont.woff www.ziao.site/assets/CB_resources/fonts/	493 B 634 B	300ms 162ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citisani-webfont.woff Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `0f74da960baffaaf2e72ad22a0ed57c17b07e870fe9ae20520880fc0499ad293` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 493 Content-Type text/html
GET H/1.1	200 OK	citisa02-webfont.woff www.ziao.site/assets/CB_resources/fonts/	493 B 634 B	282ms 163ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citisa02-webfont.woff Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `0f74da960baffaaf2e72ad22a0ed57c17b07e870fe9ae20520880fc0499ad293` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 493 Content-Type text/html
GET		push.js push.zhanzhang.baidu.com/	0 0

GET H2	200	index.html avvgangan.com/ Frame EB4A	0 0	348ms 319ms	Document text/html	2606:4700:3037::681f:5c63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://avvgangan.com/index.html Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681f:5c63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority avvgangan.com :scheme https :path /index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer http://www.ziao.site/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer http://www.ziao.site/ Response headers status 200 date Fri, 21 Feb 2020 06:06:44 GMT content-type text/html set-cookie __cfduid=d104ef5b561ba2a50f68cc7b5ea3b02751582265204; expires=Sun, 22-Mar-20 06:06:44 GMT; path=/; domain=.avvgangan.com; HttpOnly; SameSite=Lax; Secure last-modified Fri, 07 Feb 2020 15:26:43 GMT vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 56868937ae9c1766-FRA content-encoding br
GET H/1.1	200 OK	citisanb-webfont.ttf www.ziao.site/assets/CB_resources/fonts/	489 B 630 B	238ms 158ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citisanb-webfont.ttf Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `950270ebeccc670b32a9909d56ff9c21087258d4dd847e8deb1afda868023390` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 489 Content-Type text/html
GET H/1.1	200 OK	citizens_iconfont.woff www.ziao.site/assets/CB_resources/fonts/	493 B 634 B	204ms 176ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citizens_iconfont.woff Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `0f74da960baffaaf2e72ad22a0ed57c17b07e870fe9ae20520880fc0499ad293` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 493 Content-Type text/html
GET H/1.1	200 OK	citisa01-webfont.ttf www.ziao.site/assets/CB_resources/fonts/	489 B 630 B	177ms 170ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citisa01-webfont.ttf Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `950270ebeccc670b32a9909d56ff9c21087258d4dd847e8deb1afda868023390` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 489 Content-Type text/html
GET H/1.1	200 OK	citisani-webfont.ttf www.ziao.site/assets/CB_resources/fonts/	489 B 630 B	173ms 167ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citisani-webfont.ttf Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `950270ebeccc670b32a9909d56ff9c21087258d4dd847e8deb1afda868023390` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 489 Content-Type text/html
GET H/1.1	200 OK	citisa02-webfont.ttf www.ziao.site/assets/CB_resources/fonts/	489 B 630 B	210ms 171ms	Font text/html	172.120.184.43 EGIHOSTING
General Check archive.org Show headers Download Go to Full URL http://www.ziao.site/assets/CB_resources/fonts/citisa02-webfont.ttf Requested by Host: www.ziao.site URL: http://www.ziao.site/ Protocol HTTP/1.1 Server 172.120.184.43 San Jose, United States, ASN18779 (EGIHOSTING, US), Reverse DNS Software nginx / Resource Hash `950270ebeccc670b32a9909d56ff9c21087258d4dd847e8deb1afda868023390` Request headers Origin http://www.ziao.site Referer http://www.ziao.site/assets/CB_resources/styles/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 21 Feb 2020 06:06:45 GMT Server nginx Connection keep-alive Content-Length 489 Content-Type text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.ziao.site/common.js(Line 12) Message: 1
console-api	log	URL: http://www.ziao.site/common.js(Line 42) Message: 2
console-api	log	URL: http://www.ziao.site/common.js(Line 47) Message: 0*DIVshowcloneshengxiaon
console-api	log	URL: http://www.ziao.site/common.js(Line 47) Message: 1*STYLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avvgangan.com
push.zhanzhang.baidu.com
www.456api.com
www.ziao.site
ziao.site
push.zhanzhang.baidu.com
172.120.184.43
2606:4700:3033::6812:3952
2606:4700:3037::681f:5c63
022607e7a40c0072407d35e7100546fb2478abf5536c71afcc61f1495ec62784
0f74da960baffaaf2e72ad22a0ed57c17b07e870fe9ae20520880fc0499ad293
1699319d1a0e97bc5dab1f23467264b58c0ae190c5554892b675ae348e2b88e0
1ed4bfe8eeaf52c2f762a089dd1e40780905929cfb13501d22986404f6e6441b
1fa693ae2c0a1e2e9f7e37696e6f2b3584e505624b2a6dea4cca2f21e341f071
1fe373ebd7829b9c7dea4a93455e6a9d1b267d772f376f7a94236914c264e3d8
495cde841925bff94d37a9233db08a0acaaa8c91b0c0d27d71d550dc33eee9d8
56c43c6f5c8209acd47f355810bca2f9b0fc86c4bbdf1361d60fb2d2e2e66f8c
69034911b24cd9e64ef82888676650f5d63b0fcbb8e18d29e1d3bc75a1772153
71b7558b87c1fbb61778351a30569d9219c95ed4cda9bdacc44bc44ea5c307fe
93cb50adfcb4eeecf03f996d9810c4cdd866f1bb49de6455f94f35055ec1c209
950270ebeccc670b32a9909d56ff9c21087258d4dd847e8deb1afda868023390
bb56f903205f7b0ab35c2b0f44949156c1a726725b9d0fbe56e8a2f6c439501d
cd1796024b7043ced3dc9b850033cca707bb344bfc8378b166eaea92098dc098
cdf2dd47026a05fc5a361b2cdcaacd13a50b94c9a3141b99e5e183da050f9acb
d2a5d46cd523cccd28b7939104e59a582c146755792fe2ea5a62321829290d3d
d3f2177350e3e05865cc1ffcf316735980d4c870aca64d528dd600314ebca6f2
d4d0a32e8679ef3475c912356d9aede3bc9f500d0f060db73041772226e292da
dddb031e5144ce20d909dbf4829d637738efa477bf5ab4eab67b1990ef0efb2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.ziao.site Open in urlscan Pro 172.120.184.43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

3 %HTTPS

67 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

345 kBTransfer

1184 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ziao.site Open in urlscan Pro
172.120.184.43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

3 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

345 kB
Transfer

1184 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!